IT security CIA vs ICS cyber security

Thursday, March 9, 2017, I attended the Silicon Valley High Tech Criminal Association (HTCIA) meeting where the Symantec Deputy CSO gave a presentation on cyber security. One of his slides was a two dimensional diagram showing Confidentiality, Availability, and Integrity (CIA) on one axis and Prevent, Detect, and React from the NIST Framework on the other.  This was a traditional IT view as IT cyber security only encompasses measures to ensure the confidentiality, integrity, and availability of the electronic information communication systems. However, what was not addressed was either Safety or System Impacts.  While it is important to identify cyber vulnerabilities, it is just as important to understand any potential physical impacts that could be caused by these cyber vulnerabilities. Additionally, ICS can be impacted by older, non-sophisticated cyber vulnerabilities not just the latest Advanced Persistent Threats (APTs).  It is very difficult for the ICS community to be concerned with what IT defines as cyber security when the most important attributes to the ICS community are not being considered.

Joe Weiss

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


  • I want to learn the whole thing about cyber security. Actually I got a task upon cyber security when I have to Do My Dissertation For Me I research a lot and I found it is so instructing could you please tell me Where would be the most excellent institution of higher education or institute to begin after I complete high school? I mean university? I really want to know where to learn cyber security needs help.


RSS feed for comments on this page | RSS feed for all comments