
Customer Behavior Vs. The CIA Triad

Shopping online is an activity literally everyone has done before. It is convenient, easy and user friendly, but there are security risks that every online shopper needs to be aware of and prepare for. The risk of banking details being compromised, the threat of payments being intercepted and many other dangers could make some folks shun shopping online. But we wouldn't want that now, would we? No matter the risks, however, every online shopper can still stay safe. In order to understand these cyber risks perfectly and stay safe from them, it is important to understand the fundamentals of cyber security in relation to online shopping, and the most basic of these is none other than the CIA Triad.


When most people hear the letters CIA, they immediately think of the Central Intelligence Agency as shown in Hollywood movies. The CIA Triad, on the other hand, has nothing to do with the US government or movies - it is entirely concerned with cyber security.


CIA is an acronym that stands for Confidentiality, Integrity, and Availability. It is the foundation upon which everything else is built, and having a full understanding of this concept as an online shopper is important to staying safe while shopping.


Confidentiality

When something is confidential, it means it is only accessible to you. In cybersecurity, it refers to protecting sensitive data from unauthorized parties. As a baseline, confidentiality is based on the idea that only those allowed access to a particular asset should have access to it. It should be impossible for someone else to gain entry. Bringing this to online shopping behaviour, there are certain assets only you should have access to. They include user login details and debit/credit card details.


To protect these assets while shopping online, prevent unauthorized access and ensure confidentiality, every online shopper should use strong passwords and enable 2FA/MFA wherever possible.


Integrity

Integrity is ensuring data hasn't been tampered with or manipulated. It's a method of determining the reliability of a database, device, or network. Imagine you are shopping for a phone to buy. You find one online and pick a certain color, let's say blue. After ordering and receiving the phone, you get a red one. How is that? On returning to the website, you find that it was changed to red, but you are certain you picked blue. It means the reliability of that website has been affected because your information has been tampered with somehow. And that means integrity has been breached.


Resolving integrity issues is not completely up to you; it also involves the vendor you're shopping with. But it is important to understand this pillar of the triad and do what you possibly can to avoid compromise by carefully selecting which vendors to transact with.


Availability

The degree to which systems, networks, devices, and applications are accessible when and how people need them is referred to as availability. It's all about maintaining uptime so that users can access services in a timely and secure manner. Nobody wants to visit their favorite shopping website for an urgent buy only to be stopped by a “Service Unavailable” page. It is simply unacceptable.


Vendor sites suffer from this due to Denial of Service (DoS) attacks. It is therefore up to vendors and merchants to stay aware of these attacks and keep safe by having site backups, using monitoring systems and also having preventive and recovery plans in place.


As we shop online, we should have security in mind as well, and grasping the basics of the CIA triad is a perfect first step to doing this. It ensures a safer and more secure shopping experience for you on the web.


