What is security?
The data we send across the Internet every day—emails, YouTube videos, and search results—is immensely valuable to hackers, governments, employers, advertisers, and snoopy family members (though we explain exactly how in the next section).
Security means protecting this data: protecting your confidentiality, integrity and availability—everywhere and all the time.
Protect your confidentiality, integrity, and availability
These three “aspects” of security are known as the CIA triad, and they represent the three fundamental guarantees you need to consider your data “safe”(Mark Dowd et al., 2006, pp. 22-24):
- Confidentiality: no one can access your data if you don’t want them to.
- Integrity: no one can change your data if you don’t want them to.
- Availability: no one can deny you access to your data when you want it.
Furthermore, security means protecting these guarantees everywhere and all the time.
This explains why it often feels so futile trying to secure your computer. You may have worked to secure your computer before, perhaps with antivirus software, a firewall, or a spam filter, but these are piecemeal solutions to a more general problem: they protect only some parts of your data some of the time.
To be truly safe, you must protect your data’s CIA triad: confidentiality, integrity, and availability. All of it, all of the time.
Bringing it to the real world
The 3 aspects of the CIA triad are abstract concepts. It’s worth thinking about what security means for you and the people you care about. Security, after all, means nothing if it doesn’t protect the things you care about.
Likewise, it’s also worth asking: are you a target? Protecting your stuff may help you feel safer—but, if no one wants to hack you, why bother?
This takes us to the next section: “will I even be hacked?”