Page 7

Understand the CIA Triad Recently, the 23 NYCRR 500 regulation adopted by the New York State Department of Financial Services mandated that covered entities must maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of the covered entity’s information systems. What does that mean exactly? Well, to start, it means we should discuss the CIA Triad. The CIA Triad is an information security concept that consists of three core principles: 1. confidentiality; 2. integrity; and 3. availability. These core principles become foundational components of information security policy, strategy and solutions. Cybersecurity professionals and executives responsible for the oversight of cybersecurity programs should have a deep understanding and appreciation for each of the three core principles.


joe yetto President, TAG Solutions

Ultimately, all vulnerabilities and risks should be evaluated based on the threat they pose to one or more of the CIA Triad core principles. In addition, all security controls, or countermeasures, should be evaluated on how well they address the core principles of the CIA Triad. Let’s explore each core principle in more detail.

In a fast paced, multi-faceted industry, you can find solutions, service, and selection at M. J. Kelly Company. Whether it’s artisan contractors or cyber risks (and everything in between), we’re ready to write your risks. Bring the tough stuff to us. With a variety of quality coverages, personal service, competitive rates, rapid turnaround times, and convenient payment plans, M. J. Kelly allows you to open the door to new opportunities and close the deal. Selection, service, and speed matter. M. J. Kelly delivers.

M. J. Kelly Company-Arkansas Wholesale Insurance Brokerage . 800.873.8374


Spring 2018 Magazine