Breaking Down Cybersecurity: The Real Meaning Behind the Jargon — Matt Palmer
Cyber security is often conflated with the term , but that is not correct. Traditionally, professionals tend to define it as being about confidentiality, integrity and availability (known as the CIA triad), but that’s not quite right either. So what is it?
In the process of advising on our new cyber security legislation, I’ve had to stop and reflect on what cyber security really is, and how we can explain it in simple but clear terms: Putting to one side the semantic discussions about terminology that professionals often love to have, and focussing instead on what cyber security really means in practice.
Essentially there are five elements to consider: Confidentiality, Integrity, Availability, Authenticity and Non-repudiation (these are often called the pillars of information assurance).
The two additional terms are authenticity and non-repudiation: Authenticity means knowing who did something; non-repudiation means being able to prove it. They are not quite the same: I know my son broke my office window because he was the only one who plays football in the garden; I can prove it because his sister saw him kick the ball.
The five of these elements interact: you cannot have one without the others if you want to have trust.
