Cybersecurity controls are primarily designed to protect the Confidentiality, Integrity, and Availability (CIA) of data. These are the three fundamental principles of cybersecurity and are essential for protecting organizational information assets. Let’s analyze each option:
Option A: Veracity, velocity, and variety.
Incorrect. These attributes are commonly associated with big data and data analytics rather than cybersecurity. Cybersecurity controls focus on ensuring that data is secure, rather than on its volume, speed, or diversity.
IIA Reference: Cybersecurity risk management frameworks emphasize the CIA triad over big data attributes. (IIA GTAG: Auditing Cybersecurity Risk)
Option B: Integrity, availability, and confidentiality.
Correct. These three principles are at the core of cybersecurity:
Confidentiality: Ensures that sensitive information is only accessible to authorized individuals.
Integrity: Protects data from unauthorized modifications or corruption.
Availability: Ensures that data and systems are accessible when needed.
IIA Reference: The IIA’s guidance on IT governance highlights the CIA triad as the foundation of cybersecurity. (IIA GTAG: Information Security Governance)
Option C: Accessibility, accuracy, and effectiveness.
Incorrect. While these attributes are important in data management and usability, they do not directly define cybersecurity controls.
Option D: Authorization, logical access, and physical access.
Incorrect. While these are essential security components, they fall under broader IT security measures rather than forming the fundamental principles of cybersecurity.
Submit