Understanding the Main Goals of Information Security

Three primary goals of information security are preventing the loss of availability, the loss of integrity, and the loss of confidentiality for systems and data. Most security practices and controls can be traced back to preventing losses in one or more of these areas. These are often referred to as the AIC security triad, using the initials for availability, integrity, and confidentiality.

Interestingly, the 2012 SSCP objectives added privacy as an additional security concept right after confidentiality, integrity, and availability. Confidentiality contributes to privacy, but organizations need to know what data to keep private. Chapter 11 covers the importance of protecting personally identifiable ...
