The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point out its deficiencies, and propose to standardize the terminology involved and expand it by introducing two additional elements.
The post A humble proposal: The InfoSec CIA triad should be expanded appeared first on Help Net Security.
