Definitions C

CIA Triad

Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity.

Confidentiality

Involves a set of rules or a promise usually executed through confidentiality agreements that limits access or places restrictions on certain types of information.

Integrity

Means maintaining and assuring the accuracy and completeness of data over its entire lifecycle.

Availability

For any information system to serve its purpose, the information must be available when it is needed. This means the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly.

Links

• https://en.wikipedia.org/wiki/Confidentiality

Competitive Intelligence

Competitive intelligence (CI) is the process and forward-looking practices used in producing knowledge about the competitive environment to improve organizational performance.

Links

• https://en.wikipedia.org/wiki/Competitive_intelligence

Cyber Kill Chain

Developed by Lockheed Martin, the Cyber Kill Chain® framework is part of the Intelligence Driven Defense® model for identification and prevention of cyber intrusions activity. The model identifies what the adversaries must complete in order to achieve their objective. The chain:

• Reconnaissance

  • Harvesting email addresses, conference information, etc.

• Weaponization

  • Coupling exploit with backdoor into deliverable payload

• Delivery

  • Delivering weaponized bundle to the victim via email, web, USB, etc.

• Exploitation

  • Exploiting a vulnerability to execute code on victim's system

• Installation

  • Installing malware on the asset

• Command and control (C2)

  • Command channel for remote manipulation of victim

• Action on objectives

  • Intruders accomplish their goals

Links

• https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html

Cyber Threat Intelligence

Cyber threat intelligence (CTI) is knowledge, skills and experience-based information concerning the occurrence and assessment of both cyber and physical threats and threat actors that is intended to help mitigate potential attacks and harmful events occurring in cyberspace.

Cyber threat intelligence - tactical

Technical intelligence (including Indicators of Compromise such as IP addresses, file names, or hashes) which can be used to assist in the identification of threat actors.

Cyber threat intelligence - operational

Operational: details of the motivation or capabilities of threat actors, including their tools, techniques and procedures.

Cyber threat intelligence - strategic

Strategic: intelligence about the overarching risks associated with cyber threats which can be used to drive high-level organizational strategy.

Links

• https://en.wikipedia.org/wiki/Cyber_threat_intelligence