As you work to understand the impact of a risk, you should look to the C.I.A. Triad of Information Security and its foundational principles for guidance. This takes into consideration how an attack may impact information systems your business relies on or the data that you protect and manage.
The C.I.A. Triad gives you a structure to look at how your business may be impacted by a breach in Confidentiality, Integrity, and Availability.
The C.I.A. Triad
Does the system in question have information that needs to stay confidential? If compromised, what impact will the exposure of this information mean to the business?
Does the business use the information in this system to make important decisions? If the information cannot be reliable due to a compromise, how may it impact the business while the attack is underway?
If systems or data are rendered inaccessible, the business may be unable to complete certain functions or processes. It may be difficult to access critical information needed for decisions or to support client needs.
Financial impacts beyond the C.I.A. Triad can be harder to measure and anticipate but are important to note. Some examples include:
- Cost of investigation and recovery efforts
- Loss of customer trust and business
- Increased cost for new business
- Increased cost to rebuild your brand and reputation
- Regulatory fines or penalties
Breaking Down the C.I.A. Triad
One of the best ways to understand this concept is to look at a common Business Email Compromise (BEC).
(Read more about BEC’s here)
In an email compromise, information that was exchanged between the user and clients or other members of the business may be now accessible to the attacker that has access to this account. This could include sent, received, or deleted emails that contained sensitive information, non-public information, intellectual property, financial information, etc.
Often, an attacker may use access to the email account to send a malicious link or file to other people. However, if this individual has copied over the contents of this email account or reads non-public information, it is a breach of confidentiality. There may be steps that need to be taken to notify people that are impacted by this breach, potential fines, or other challenges you need to think ahead about as you assess how the business may be impacted.
In an email compromise, when an attacker misleads others through spoofing or impersonating another user or trusted contact, this is a breach of Integrity. This loss in trust can result in financial fraud (funds transferred to the wrong account). You can no longer trust the information you may be depending on to run the business.
Email service availability may become compromised if an attacker can do something as simple as changing the user’s password to lock them out of their account. In Ransomware attacks, availability is compromised because files may be encrypted until a ransom is paid.
Not having access to a business-critical system like email may mean that important information or certain communication channels are down. Depending on how long availability is compromised and the way the system is used, this could lead to major impacts on the business.
Learn More about Possible Impacts to Your Business
Now that you’ve read a bit about how the C.I.A. Triad helps to break down the potential impacts related to a cybersecurity incident, continue learning by reading about how this way of thinking may be evolving: Challenging the C.I.A. Triad
If you’d like to learn more about what to prepare for in an attack or how to reduce your risks, reach out to us for a free cybersecurity risk consultation.