Cybersecurity protects systems, networks, and data from digital attacks. The CIA Triad — Confidentiality, Integrity, Availability — is the foundation of all security decisions.
| Principle | Definition | Example Controls |
|---|---|---|
| Confidentiality | Only authorised parties access data | Encryption, Access Control |
| Integrity | Data is accurate and unmodified | Hashing, Digital Signatures |
| Availability | Systems accessible when needed | Redundancy, DDoS Protection |
# Security Layers (Defence in Depth)
Perimeter: Firewalls, IDS/IPS, DDoS protection
Network: VLANs, network segmentation, VPN
Host: OS hardening, patching, EDR
Application: Input validation, WAF, SAST/DAST
Data: Encryption at rest and in transit
Identity: MFA, least privilege, PAM
# Common threats
# OWASP Top 10, CVEs, zero-days, APTs
# Insider threats, supply chain attacks