Introduction:
The CIA triad model is designed to guide policies throughout an organization and keep its software protected. It serves as the cornerstone of cybersecurity and is in charge of protecting an organization's data. It is based on three main principles: confidentiality, integrity, and availability. All three principles share a common goal, which is to protect the organization's data from breaches or any tampering that may come its way. Understanding these cornerstone values ensures a safer, more direct approach against any attack that may come its way.
Confidentiality:
Confidentiality is designed to ensure that sensitive information is protected and seen only by people who are authorized to see it. An example of this would be the protection of people’s personal accounts. These would most likely be any accounts that hold personal information such as credit card numbers or social security numbers. Confidentiality, however, would fall under authorization. Authorization ensures that the person who owns the account is the only one allowed to access the private and personal information regarding them. As mentioned in the article (Chai 4), “Extra measures might be taken in the case of extremely sensitive documents, such as storing only on air-gapped computers, on disconnected storage devices or in hard-copy form only.”
Integrity:
Integrity is the principle of the CIA triad that makes sure the data that is kept private stays accurate and consistent, without tampering. An example of this would be a bank account or an online shopping account that makes sure you have no extra charges to your name. Doing so makes sure that your personal data is being authorized only by you. Unlike confidentiality, integrity has both authorization and authentication mechanisms, but it mainly touches on authentication. It falls under authentication because it ensures that the data in the accounts is validated and verified. In this scenario, it is authorizing that the data and privacy are not touched in the event of an attack.
Availability:
Availability is the most obvious from its name. It is in the triad model simply to ensure that the authorized personnel using the technology are able to use it whenever they want. Its main mission is to ensure that, under any scenario or attack, the loss of information is mitigated or avoided entirely. As stated in the article (Chai 4), “Fast, adaptive disaster recovery (DR) plans are essential for the worst-case scenarios and require a comprehensive approach.” Availability, like integrity, has both authentication and authorization mechanisms. Ensuring that the source or access is accessible would be authorization, but verifying the identity of the person is authentication.
Conclusion:
Having explained what the CIA triad model is, this hopefully establishes that the model is here to ensure safety and to guide organizations through the appropriate role of each principle. Each principle shows ways of authorization, authentication, or both, and how they apply to the triad model. Balancing the three principles and using them to a cyber team’s strength hopefully reinforces its security strategies and helps mitigate risk.
MLA Citation
Chai, Wesley. “What Is the CIA Triad?: Definition, Explanation, and Examples.” 28 June 2022, https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view