In military and government organizations, confidentiality is prioritized above integrity and availability.
In private companies availability is place above confidentiality and integrity.
Such prioritization focuses efforts on one aspects of security over another, however, it doesn't imply that the second or third prioritized items are ignored or improperly address.
Interesting thing here comes with the comparison of IT systems and Operational Technology (OT).
IT system, even in private companies, tend to follow the CIA triad.
OT systems tend to follow the AIC triad. Availability is prioritized overall and integrity is valued over confidentiality.
Note: OT systems: Programmable logic controllers (PLCs), Supervisory Control and Data Acquisition (SCADA), and MES (Manufacturing Execution Systems)
No comments:
Post a Comment