Cyberday.ai
Get started
Login
Topics
ISO 27001
NIS2
Getting started
Framework management
Product security
Settings & advanced
Trial and subscription
User management
Community
Documentation
Personnel guidelines
Reporting
Task management
GDPR
Internal auditing
Personnel security
Risk management
Working as a partner
Continuous improvement
Team collaboration
Show all topics
Webinars
NIS2: Intro to NIS2 Directive and Cyberday
ISO 27001: Build a cyber security plan, that gets you compliant
May's monthly review for Cyberday admins (5/2024)
Show all webinars
Videos
Asset documentation
Continuously improving your ISMS
Cyberday overall intro
ISO 27001 and certification audit fundamentals
ISO 27001 and personnel awareness
ISO 27001 and risk management
ISO 27001 introduction
NIS2 introduction
Show all videos
Helps
Documentation
For admins
For partners
Frameworks
Guideline mgmt
Other features
Reporting
Setup and integrations
Task mgmt
User management
Show all helps
Blogs
Access Control & MFA (NIS2 21.2): Build A Solid Foundation with ISO 27001 Best Practices
Understanding HR Security Basics for ISO 27001 & NIS2 Compliance
Build your NIS2 measures for Business Continuity and Backups with ISO 27001
Best Practices from ISO 27001 for Secure System Acquisition and Development: Create your NIS2 measures
Potential Struggles IT Companies might Encounter with Incident Identification and Reporting Today
Show all blogs
Content library
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Academy home
Helps
Enabling CIA classification feature for main assets

Enabling CIA classification feature for main assets

Confidentiality, integrity and availability, the CIA triad / triangle, offers a model for planning information security and e.g. categorizing assets due to their priority.

What is CIA classification?

When you enable CIA classification for assets in Cyberday, you can start systematically selecting values for assets CIA values and derive the asset priority from there, instead of letting asset owners freely choose it without any method.

CIA (in this case) stands for:

  • Confidentiality: Ensuring that sensitive data is only accessible to authorized individuals or systems, protecting it from unauthorized access.
  • Integrity: Maintaining the accuracy and trustworthiness of data by preventing unauthorized modifications, alterations, or tampering.
  • Availability: Guaranteeing that data and systems are accessible and operational when needed, minimizing downtime or disruption.

How to enable CIA classification in Cyberday?

From the organisation dashboard go to settings scroll down to advanced features and activate “Asset CIA priority classification”.

After this, you can select if you want the asset priority to be automatically calculated from the CIA evaluation selection.

How CIA classification works in Cyberday?

The feature adds a CIA evaluation in the top section of each asset documentation card. After you select a value for each section the card’s priority value will be calculated if the automatic calculation is enabled. Otherwise, the evaluation will only be documented on the card.

This view will be added to following documentation list items:

  • Data systems
  • Data sets
  • Data stores
  • System providers
  • Other assets
  • Offices
  • Data processors

Benefits of using CIA classification

Using the CIA classification adds a bit of work for your asset management, but it can function as a great way for targeting your latter efforts more efficiently.

  • Risk Assessment: It helps organizations assess and understand the potential risks associated with their assets. Organizations can identify vulnerabilities and threats that might impact their information and systems by evaluating confidentiality, integrity, and availability.
  • Prioritization: It allows organizations to prioritize security measures and resources based on the importance of assets. Critical assets with high confidentiality, integrity, and availability requirements may require more robust security controls.
  • Compliance: Many regulations and standards, such as GDPR, HIPAA, and ISO 27001, require organizations to protect the confidentiality, integrity, and availability of sensitive information. By evaluating assets with these principles, organizations can ensure compliance.
  • Incident Response: Understanding the CIA's impact on assets helps organizations develop effective incident response plans. It guides the response to breaches or incidents that threaten these principles and helps mitigate potential damage.
  • Resource Allocation: It helps organizations allocate resources effectively by focusing on assets most critical to the business. This ensures that security investments are made where they are needed most.
  • User Awareness: Educating employees and users about the importance of the CIA principles can promote a culture of security within an organization, making them more aware of their role in safeguarding assets.
  • Business Continuity: Protecting the availability of critical assets ensures that business operations can continue even in the face of disruptions, minimizing downtime and potential financial losses.

Content

Share article

Other similar content from Academy

Help articles

Available support methods for Cyberday use
Content: Tasks, Documentation, Guidelines and Reporting
Enabling CIA classification feature for main assets
Feature: Documentation tables
Filling documentation for important data assets
How can I export data from Cyberday?
How do I start to use Cyberday in Teams?
How is the Cyberday data backed up?
How to use the metrics feature
Import multiple items at once
Linking existing SharePoint files to your Cyberday content
Optional data fields in Cyberday
Personalize the menu by pinning items
Setting a custom logo for your organization
Unit-employee AD syncing
User management: Different user roles in Cyberday
Visual mode draws out documentation item's connections
What is cyber security asset documentation?
What kind of logging is available about changes in your Cyberday account?

Subscribe to Academy today

Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.

Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Topics
Personnel guidelines
GDPR
Team collaboration
Product security
User management
Show all
Webinars
NIS2: Intro to NIS2 Directive and Cyberday
ISO 27001: Build a cyber security plan, that gets you compliant
May's monthly review for Cyberday admins (5/2024)
Show all
Videos
ISO 27001 introduction
NIS2 introduction
ISO 27001 and certification audit fundamentals
Asset documentation
ISO 27001 and personnel awareness
Show all
Helps
Documentation
For partners
Other features
Reporting
Guideline mgmt
Show all
Blogs
Access Control & MFA (NIS2 21.2): Build A Solid Foundation with ISO 27001 Best Practices
Understanding HR Security Basics for ISO 27001 & NIS2 Compliance
Build your NIS2 measures for Business Continuity and Backups with ISO 27001
Best Practices from ISO 27001 for Secure System Acquisition and Development: Create your NIS2 measures
Potential Struggles IT Companies might Encounter with Incident Identification and Reporting Today
Show all
Content library
Open content libraryLabs
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.