June 13, 2026
Intro to InfoSec
Snappy
Infosec: the practice of protecting data from unauthorized access, modification, destruction or disclosure, ensuring information remains secure, reliable and accessible.
e.g. A bank secures physical customer records and ensures that digital banking information is encrypted.
Importance
- Data breaches cost organizations millions
- Regulatory compliance (e.g. GDPR, ISO 27001, PCI-DSS) mandates strict data protection
- Reputation damage
- Prevention of cybercrimes
The CIA Triad: the foundation of infosec
- Confidentiality: Keeping data private (only authorized users have access to sensitive info)
  Techniques: Encryption; Access Control: MFA
  Threats: Unauthorized access (e.g. hacking, phishing); insider threats (e.g. employees leaking sensitive info)
  e.g. Encrypting a company's customer database so that only employees with proper clearance can access it.
- Integrity: Ensuring data accuracy and consistency (data is not altered or tampered with)
  Techniques: Digital signatures; Hashing; Checksums; Blockchain
  Threats: Data corruption due to cyberattacks; unauthorized modifications by insiders
  e.g. Digital signatures on emails ensure that they are not altered in transit.
- Availability: Ensuring uninterrupted access (data is accessible to authorized users)
  Techniques: Redundancy; Load Balancing; Disaster Recovery plans
  Threats: DDoS attacks; Ransomware attacks
  e.g. A cloud backup system that ensures data is accessible even if primary servers fail.
AAA Model: Authentication, Authorization & Accounting
A core security principle that controls who gets access to what.
- Authentication: Verifying identity (only legitimate users)
  Techniques: Passwords; MFA; Biometric Authentication
  e.g. Logging into your bank account using a password and OTP (One-Time Password).
- Authorization: Granting appropriate access (users only have access to the data and resources they need)
  Techniques: Role-Based Access Control (RBAC); Least Privilege Principle
  e.g. A finance employee should only access payroll data, not HR records.
- Accounting: Tracking user activity
  Techniques: Security information and event management (SIEM); Audit logs and monitoring.
  e.g. A bank records who accessed customer accounts, when, and what changes were made.
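
The three AAA steps wired together, as an added example that is not part of the original notes: a password plus one-time code check, a role lookup matching the finance/payroll case above, and an audit record for every decision. The user, role and resource names and the simplified OTP function are assumptions made for illustration.

```python
import hashlib, hmac, os, time

# Constructed sample policy: role and resource names are assumptions for this example.
ROLE_PERMISSIONS = {"finance": {"payroll"}, "hr": {"hr_records"}}
AUDIT_LOG = []  # Accounting: one record per access decision, allowed or not

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(name, password, role, otp_secret):
    salt = os.urandom(16)  # per-user salt; only the derived hash is stored
    return {"name": name, "salt": salt, "pw_hash": hash_password(password, salt),
            "role": role, "otp_secret": otp_secret}

def otp_for(secret, counter):
    # Simplified HMAC-based one-time code (not a full RFC 4226 implementation).
    digest = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"

def authenticate(user, password, otp, counter):
    # Authentication: both factors must match; comparisons are constant-time.
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    otp_ok = hmac.compare_digest(otp, otp_for(user["otp_secret"], counter))
    return pw_ok and otp_ok

def authorize(user, resource):
    # Authorization: RBAC with least privilege; anything not listed is denied.
    return resource in ROLE_PERMISSIONS.get(user["role"], set())

def access(user, password, otp, counter, resource):
    if not authenticate(user, password, otp, counter):
        outcome = "auth_failed"
    elif not authorize(user, resource):
        outcome = "denied"
    else:
        outcome = "granted"
    # Accounting: failures and denials are logged as well as successes.
    AUDIT_LOG.append({"time": time.time(), "user": user["name"],
                      "resource": resource, "outcome": outcome})
    return outcome
```

A production system would also track the OTP counter per user so a code cannot be reused, and would ship the audit records to a log store the application cannot rewrite.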
Security: Protects systems and data from cyber threats. Regulations: ISO 27001; NIST CSF; PCI-DSS. e.g. A firewall blocking hackers from stealing data.
Privacy: Ensures personal data is collected, stored, and used ethically. Regulations: GDPR; KSA PDPL; UAE DPR. e.g. A social media site requiring consent before collecting personal data.