After reading this chapter and completing the exercises, you will be able to do the following:
Understand confidentiality, integrity, and availability (the CIA security model).
Describe the security objectives of confidentiality, integrity, and availability.
Discuss why organizations choose to adopt a security framework.
Understand the intent of the National Institute of Standards and Technology (NIST) Cybersecurity Framework.
Understand the intent of the ISO/IEC 27000-series of information security standards.
Outline the domains of an information security program.
Our focus in this chapter on information security objectives and framework will answer the following (and many other) questions ...