Beyond the CIA Triad (Y21c)
There is an undeniable need for security policies and mitigation strategies to review more security principles than the common CIA triad of confidentiality, integrity, and availability that most security professionals are trained on. Security programs often fail to breaches and threats because of principles forgotten such as possession, privacy, and utility. This paper takes this application one step furthur to show a visual alignment of the nine core security principles and apply it to a risk appetite chart. Giving cyber security professionals and leaders this new perspective will help make everyone more effective in their day-to-day duties. This includes vendor/product selections, identifying gaps, and being able to more accurately address the real requirements before acquiring products, solutions, and tools. Desired Learning Outcomes: Professionals see that there are significant gaps to address in their security programs and policies.