Use the CIA triad to shape security automation use cases

Automating IT security with the CIA triad framework helps improve scalability, reduce misconfigurations and enhance threat detection and remediation.

• Share this item with your network:

• Damon Garn, Cogspinner Coaction

Many IT automation and orchestration discussions focus on using pipelines that enable continuous integration/continuous delivery to improve IT productivity and efficiency. While these pipelines benefit service and software development, they can also bolster an organization's security posture.

It's helpful to frame security automation discussions by using the CIA triad. The triad consists of the following three aspects:

• Confidentiality. Enforcing resource access to only authorized users.
• Integrity. Ensuring data does not unexpectedly change.
• Availability. Guaranteeing services, applications and data are available to authorized users.

The CIA triad provides context to security discussions. It's helpful for cybersecurity planning, practices and maintenance. In this case, it helps demonstrate how security automation benefits organizations.