Integrity in a cyber security context refers to information remaining accurate. Examples of breaches of the integrity of information include defaced websites, hacked twitter accounts, changed database information through SQLi attacks, driveby attacks and phishing attacks. That is, the information about who has sent an email may look correct but is not correct (looks like it’s from the CEO or a friend but is an attacker), the system and entity a website represents delivering the information is the not the one it looks like (man-in-the-middle), the pricing table in a database has been hacked and the information changed from $100 to $1 (such as through a SQL Injection attack) or a fictitious person and bank account has been added to a payroll system (such as by an insider or an attacker with privileged access). The issue of integrity also extends to user error, that is, the information has been entered, deleted or altered, in genuine error by the legitimate user.

From a technical standpoint, access and use can be restricted with access controls and also monitored to detect if something unusual is happening. The logs can also be maintained to review should something go wrong so experts have evidence to work with.

Keeping software up-to-date, using strong unique passwords, enabling 2 factor authentication where offered, avoiding clicking on phishing links, limiting access to information to what is needed to for each user to perform their role, maintaining valid encrypted backups that are timestamped to restore from, and monitoring are a combination of techniques that may help with resilience to these issues – as could a communications plan.

Leave a Reply

Your email address will not be published. Required fields are marked *