The three-point support approach to cybersecurity, often referred to as the “CIA Triad,” focuses on three key principles to ensure information and data security. These principles are:

1. Confidentiality:
   • Objective: To protect information from unauthorized access and disclosure.
   • Approach: Ensuring that sensitive data is only accessible to those who have the necessary permissions.
   • Measures: Encryption, access controls, authentication methods, data masking, and network security protocols.
   • Example: Use of passwords and multi-factor authentication (MFA) to prevent unauthorized users from accessing sensitive information.
2. Integrity:
   • Objective: To ensure that information remains accurate, consistent, and trustworthy throughout its lifecycle.
   • Approach: Preventing unauthorized users from altering data and maintaining the accuracy of data during storage, transmission, or processing.
   • Measures: Hash functions, digital signatures, checksums, version control, and secure data transfer protocols.
   • Example: Implementing version control to track changes to data and detect any unauthorized modifications.
3. Availability:
   • Objective: To ensure that information and systems are accessible to authorized users whenever needed.
   • Approach: Minimizing downtime, maintaining system uptime, and ensuring data is accessible even during disruptions.
   • Measures: Redundancy, disaster recovery plans, backup solutions, load balancing, and protection against denial-of-service (DoS) attacks.
   • Example: Regular data backups and having redundant systems in place to recover quickly from failures or cyberattacks.

These three principles (Confidentiality, Integrity, and Availability) form the foundation of a comprehensive approach to information and data security, guiding the design and implementation of cybersecurity measures.