Originally published by New Context.
The CIA triad of security principles is an oft-cited example of safe information infrastructure. It establishes the most important aspects of protecting sensitive data while maintaining productivity. At the same time, it’s broad enough to allow organizations to develop their own interpretation. However, that is a double-edged sword. While companies need flexibility in their programs, the CIA triad’s abstract nature might be a little bit too malleable.
On top of that, it’s outdated for most modern purposes. After all, its development started in the 1980s, well before the wide use of the internet, decentralized data storage, and sophisticated cybersecurity attacks. While the CIA triad of security establishes some reasonably good ideals, it’s not enough to guide an organization. For that, many experts turn to a new model: distributed, immutable, and ephemeral, otherwise known as DIE.
The Traditional CIA Triad of Security
The CIA created an abstract model of security in the late 1980s that was so broad it could apply to any type of information. The triad establishes a standard for infosec, but it doesn’t provide a roadmap to get there. Specifically, it breaks down as follows:
This component centers on protecting information from unauthorized viewing, whether those observations come from individuals, organizations, or machines. Access control is the key to confidentiality, whether through sophisticated computer programs or old-fashioned locks and keys.
Data should not undergo any unauthorized changes throughout its lifecycle. Modifications require monitoring to ensure proper treatment and preservation of information. Access control also preserves integrity, but there is a component of logging involved.
The whole reason for having information is to run an organization. It’s a necessity. As such, security cannot be so stringent that it prevents needed retrieval and management. Availability also covers the logistics of managing information, like securing proper power to maintain electronic data storage, ensuring backups in the event of system failure, and providing adequate space to store all needed items.
While these are good data security fundamentals to have, relying entirely on the CIA triad is problematic for a couple of reasons. First, it provides no real actionable information. It just tells security professionals how their program should work. It doesn’t offer details on how to make it more secure. Second, it’s contradictory, especially when it comes to availability and confidentiality. Keeping something confidential means it’s not available. Meanwhile, when something is available, it’s not confidential. For these reasons, many agree a change to the CIA triad of security is necessary.
The DIE Model of InfoSec: Distributed, Immutable and Ephemeral
Most experts agree it’s time to upgrade to a new model of security. The DIE model is best for today’s needs because it provides objective solutions. Specifically, it centers on distributed systems, immutable change logging, and ephemeral strategies.
A single target is far easier to attack than multiple ones. In the modern age of DDoS attacks, where bad actors take advantage of brute force and thousands of bots to disrupt a single entry point, companies must avoid putting all their (security) eggs in one basket.
A distributed system limits the impact of any attack by confining it to a single space. It also has built-in redundancies, so if one system is compromised, it’s recoverable. There’s never a single point of weakness to exploit.
The first hint that there’s a problem in security is an anomaly. The program doesn’t behave as it should. So, the first thing bad actors do is eliminate evidence of the abnormality. This strategy works. As of 2019, the average time it took organizations to discover a breach was 209 days. A lot of damage can occur in that timeframe.
Immutable logs make it impossible to cover up the anomalies. A change in a transparent system is quickly discovered, traced, and contained. This strategy is also good when security holes occur without malice, as the action that created this risk is traceable to a single action.
Remedial measures are possible before exploitation.
Administrators must break data and systems down to “pets and cattle.” Pets are long-term necessities and cattle are dispensable. The more cattle, the better. A flexible network infrastructure made of cattle is also immutable. This means an ephemeral computing/logic layer on top of a persistent, secure data layer. It’s safe to change and retire legacy programs because they’re no longer necessary.
As legacy programs are among the most vulnerable to attack—because bad actors have had time to learn their weaknesses—it’s best to eliminate them. An ephemeral infrastructure meets new challenges without the need to maintain old processes to protect indispensable assets.
The CIA triad of security is not a bad philosophy to have. It just needs a supplementary approach. If a program is distributable, immutable, and ephemeral, it has confidentiality, integrity, and availability. The CIA triad is the goal. The DIE model is the path to get there.