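The DAD Triad (Disclosure, Alteration, Destruction/Denial) describes the primary threats to security: each one attacks the corresponding property of the CIA Triad (Confidentiality, Integrity, Availability).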
1. Disclosure (Opposite of Confidentiality)
Unauthorized access or exposure of sensitive data.
- Example: A hacker leaks customer credit card information from an e-commerce website.
- Impact: Loss of trust, legal consequences, and financial loss.
2. Alteration (Opposite of Integrity)
Unauthorized modification of data, making it inaccurate or untrustworthy.
- Example: A hacker changes prescription details in a hospital database, leading to incorrect medication.
- Impact: False records, fraud, and potentially life-threatening consequences.
3. Destruction/Denial (Opposite of Availability)
Making data or services unavailable, either by deleting them or disrupting access.
- Example: A ransomware attack encrypts an organization’s files, preventing access until a ransom is paid.
- Impact: Operational downtime, data loss, and financial damage.
Balancing Security
Excessive focus on one aspect can weaken another:
- Strong confidentiality & integrity → May reduce availability.
- High availability → Could weaken confidentiality and integrity.
A well-balanced security strategy ensures protection against DAD while maintaining CIA.