Integrity is a word thrown around a lot in the cybersecurity space. That’s not surprising. It is one of the three components that make up the CIA Triad, after all. However, the meaning and use of the word has been relatively limited in many security circles up until now.
Let’s take a look at the security industry more broadly. In most conversations dealing with integrity, data security and File Integrity Monitoring (FIM) controls often end up being the primary focal areas. But there’s more going on with integrity than just those two security principles. There’s more to talk about.
With that said, let’s take a step back and consider integrity as a broader concept. A definition of integrity can get us started.
Integrity is a way to understand what matters to an organization and what an organization should focus on in order to prevent undesired consequences. As the basis for trust and reliability, integrity becomes the ultimate measure of system security. True integrity allows for no variance between something’s original and current state. In other words, that something’s current state can be trusted because nothing has changed from its original, trustworthy state.
Tim Erlin, vice president of product management for Tripwire, notes that organizations can’t build trust into their security programs without integrity.
Managing integrity is ultimately about managing change throughout your entire environment. Change can be internal or external, authorised or unauthorised, intentional or accidental, benign or malicious. When you take an expansive view of change, it’s clear that managing integrity is at the core of foundational security.
Expanding the Focus Beyond Data Integrity
As mentioned in the introduction, integrity is one of the three CIA Triad principles – confidentiality, integrity, and availability – that serve as a framework for organizations to make sound information security policies. In this context, integrity is generally focused on the nature of organizational data and on organizations’ responsibility to make sure that external sources don’t succeed in compromising that information.
Yet integrity is so much bigger. While data integrity is certainly important to any security strategy, its broader application affects every area of an information system. As such, integrity can be a driving force of an organization’s entire security program. The focus on integrity can expand beyond just data integrity to encompass all aspects of architecture and security measures across IT and OT environments.
Here are examples of how integrity can take shape across your organization:
- Repeating the example mentioned above, data integrity protects the incorruptibility of data. It includes data backup and recovery, encryption, blockchain, identity and access management (IAM) as well as file access monitoring.
- System integrity ensures that no one makes unauthorized changes to critical assets. It includes FIM, security configuration management (SCM), host-based intrusion detection systems (IDS), vulnerability management and patching as well as privileged account management (PAM).
- Network integrity maintains the reliability of connections and protects the data moving through the network. It includes firewalls, network-based intrusion detection systems (IDS), encryption, virtual private networks (VPNs) and secure remote access.
- Physical integrity protects the facilities and spaces within which critical assets reside. It includes access controls, security monitoring, all-hazards mitigation (fire, water, earthquakes, etc.) and uninterrupted power supplies.
- Process integrity ensures that organizations have properly integrated, configured and coordinated multiple controls in a way that ensures a holistic approach to incorruptibility and resilience. It includes security incident and event management (SIEM); security orchestration, automation and response (SOAR); analytics and reporting; and a well-functioning security operations center (SOC).
- People integrity seeks to maintain trust in the humans who use IT and OT systems, who create and use data as well as who oversee enterprise security efforts. It includes security awareness training, certification, role-based access controls (RBAC), end-user behavior analytics (EUBA), organizational policy enforcement and background screening.
Integrity and Tripwire
By building an enterprise security strategy focused on integrity, organizations can incorporate trust into their people, processes and technology. All they need is the right security solutions provider to walk with them and to help to enable their security efforts.
That’s where Tripwire comes in. The company’s best-in-class technology and services empowers customers to focus on the right endpoints in real-time, on-site and in the cloud as well as to enable intelligent decisions and actions that strengthen security.