Lalit Ahluwalia is the Founder and CEO of “DigitalXForce – Digital Trust Platform,” and “CyberXForce – Outcome based Cybersecurity Services”
The digital world is rapidly evolving. Thanks to real-time security news on digital transformations, it is now evident that cyberattacks, data leaks and vulnerability risks have had a fair share in “staining” the entire digital landscape as our reliance on technology increases. This begs the question: Are we really adapting to these rapid changes or just following the status quo?
Here’s something you want to think about. What if I told you that we might be missing a significant point? Sticking to the generally accepted cybersecurity tenets encourages a focus ONLY on confidentiality, integrity and availability—completely eliminating the true concept of “TRUST” in digital services. Redefining these tenets will not only take us a step closer to a more balanced digital matrix but will eventually bridge the gap between cybersecurity and digital trust and build resilience inside out.
This article discusses the need to redefine cybersecurity and explains why adding a “Trust” tenet to the conventional CIA triad will make a lot of difference in cybersecurity as we know it today.
What Are Key Tenets Of Cybersecurity: “CIA—Confidentiality, Integrity And Availability”?
For decades, we have been taught that cybersecurity consists mainly of three tenets called the “CIA Triad”—which upholds the following pillars: confidentiality, integrity and availability. Confidentiality means that data is kept private and only accessible to those who are authorized to view it. Integrity focuses on accuracy of data and making sure data has not been tampered with. On the other hand, availability means that data is available and accessible when needed. These three pillars make up the conventional principles or “tenets” of modern cybersecurity.
When it was defined, it did fit the definition and purpose. At the time, we were mainly concerned with “information systems, data, and services.” However, the need and demand for cybersecurity has increased as technology evolves. While the CIA triad is important, it is not enough. In today’s world, where we share and exchange data constantly, there’s a need to add a new tenet to the mix—specifically, “trust.”
But why do we need to redefine cybersecurity from a “Trust” perspective?
Why There Is A Need To Redefine Cybersecurity?
Cybersecurity is no longer just a concern for IT departments. In today’s world with increasing digital transformations, we are living in an entirely new era. The “Digital Era,” as we call it, is fueled by smart devices, AI, cloud and mobile devices.
Evidently, our lives are dependent on technology, and in some cases, this makes us incapable of even performing primary tasks as humans. We are not just consumers of digital services but living in the digital itself. The risk profile has shifted from data or finance loss to even loss of life. The situation? Over-reliance on technology! This situation has worsened with increasing technological advancements. The result? Every organization, regardless of size or industry, is at risk of cyberattack. This is no news. It is already happening.
While the risk we knew before used to be around Information Systems and Services with a focus on loss of data, service or finance, it has grown much bigger now. With the adoption of smart devices and new digital methods, however, the risk has increased to include the loss of human life.
Unfortunately, this cannot be addressed or contained within the three Tenets of the traditional “CIA Triad”—confidentiality, integrity and availability. When faced with such a reality as this, there is only one way out: the pragmatic introduction of a new dimension and tenet, “T-Trust,” which focuses on building trust across digital interactions.
Understanding The New Dimension “T-Trust” And Digital Trust
Trust is the foundation of any successful relationship, and it’s no different when it comes to human-computer interactions in the digital world. When we trust our systems and our data, we’re more likely to use them safely and securely. In order to redefine cybersecurity, we need to focus on building trust. By focusing on trust, we can create a more secure and resilient cyber environment and security posture.
Just like the conventional CIA triad for information systems, digital trust is the foundation for any digital business and helps build confidence in the consumption of digital services and other digital interactions. Digital trust is built on factors such as security, privacy, transparency and accountability.
Let’s consider some of the following supporting pillars for a new “T-Trust” tenet in cybersecurity.
Integrated Risk Management: Digital trust in integrated risk management ensures the provision of integrated insights on an organization’s security posture, how it manages threats, security risks and all other aspects of operations, including its physical and information security, as well as its people and processes.
Continuous Monitoring, Real-Time And Data-Driven Insights: When trust becomes a priority, continuous monitoring is the only way to track progress or failure. Data is data, but generating real-time data insights that come directly from the source makes the difference.
Proactive Defense: Emerging cyber threats making waves in today’s digital landscape have made proactive solutions a necessary recipe for digital trust.
As seen above, the TRUST tenet is becoming increasingly important as our reliance on technology grows. This could lead to loss of life or property damage. This calls for an I-ACT framework (integrity, availability, confidentiality and trust) that provides a more comprehensive approach to cybersecurity.
Conclusion
The conventional CIA triad of confidentiality, integrity and availability (CIA) is a good starting point for defining cybersecurity, but not enough. Admittedly, the security risk profile has shifted from just information and financial loss to loss of life. This means that the “Trust” dimension must take center stage as a new definition of cybersecurity.
As a result, the “CIA” must be changed to “I-ACT: Integrity, Availability, Confidentially, Trust” and “Cybersecurity” must be changed to “Digital Trust.” By incorporating the trust tenet, or “I-ACT,” organizations can better protect their data, systems and people and build the secure future of tomorrow.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Read the full article here