Security threats have always been difficult to be dealt with. The traditional way of dealing with security threats was to hire a gunman or a bodyguard. These methods are still effective but now, in modern times, security threats are much more digital. In modern days a lot of sensitive information is available on different servers digitally and to prevent this data from losing online security is necessary. The combination of principles of network security is based on availability, integrity, and confidentiality. These principles combined are also known as AIC triad and is used by CIA as well.
CIA and homeland developed a security system known as NG911 for the quick, efficient and effective response in case of security threats. This data is the combination of hardware, software, and procedures that deal with all emergency calls and messages and delivers them to the proper authorities/PSAPs. The system is made to support and store the sensitive data and to enhance the communications so that a coordinated response could be launched. The system is made to enhance the intercept, mitigate and response strategy in case of any emergency. NG911 also enables data sharing between the response teams. The system is developed to deal with any threat but to function it effectively it is important to make the data always available and its integrity and confidentiality should be maintained. Security systems like these are always under cyber threats, so should be protected at all cost.
As mentioned above NG911 deals with many security threats so the data available on their servers are sensitive. Therefore it is important not to lose it, hence its confidentiality should be maintained at any cost. This could be done by only allowing the authorized personals to access the sensitive data. Confidentiality could be achieved by encrypting the data available on the IP server. The message or information would be encoded and those who know the decryption would have access to the information. Also, confidentiality could be achieved by access controls and steganography. Access controls would only allow the authorized person to have access to information and steganography means to hide or conceal real information behind the fake one. “We’re all quite familiar when elements of the C.I.A mission fail. For example, Equifax breach was a major failure in protecting the confidentiality of personal information” (Rogers, 2018). The report explains how the confidentiality was breached when the credit company lost personal information of billions of people which contributed to identity theft.
“Bad actors are constantly developing new technologies and methodologies that allow them to get inside the network and alter data” (Sarnecki, 2017). The article was trying to explain that the integrity of the system is under constant threat due to 5th generation warfare. Hackers are constantly trying to hurt the integrity of the CIA by changing or altering the information. Integrity could be maintained by keeping a check on any modification of data and also to map that data. This way it would be difficult for hackers to modify any information. Availability of data is also important so that important information is accessed as quickly as possible. This could be achieved by making the information available on multiple servers. “Availability of information refers to ensuring that authorized parties can access the information when needed” (Terry, 2013). This could be maintained by making sure that data is still available even if the servers are down.
The threat to confidentiality, availability, and integrity of data can be very damaging for the reputation of any company or an organization. State security is greatly relying on the quick and effective response in case of any threats or emergencies and if CIA triad is not working properly then the nation would suffer. So, it is important for IT members to maintain the reputation of the CIA so that people could trust them with their lives.