{"id":274,"date":"2023-09-23T17:36:48","date_gmt":"2023-09-23T17:36:48","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/?p=274"},"modified":"2023-09-23T17:36:48","modified_gmt":"2023-09-23T17:36:48","slug":"the-cia-triad","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/2023\/09\/23\/the-cia-triad\/","title":{"rendered":"The CIA Triad"},"content":{"rendered":"\n<p class=\"has-text-align-center\">Alexander Conrad<br>Professor Kirkpatrick<br>Fall CYSE 200T<br><strong>The CIA Triad<\/strong><br><strong><em>BLUF<\/em><\/strong><br>The CIA Triad is a common model that is used by Information security in an organization<br>as a guide for people in information security to find and locate areas of concern. In terms of<br>authentication and authorization, authenticity is proving who you say you are and authorization<br>is the given access once you have been properly authenticated.<br><strong><em>What is the CIA Triad model<\/em><\/strong><br>The CIA Triad, which stands for Confidentiality, Integrity, and availability, is a common<br>model that is used by Information security in an organization. This model is needed and helpful<br>as a guide for people in information security to find and locate areas of concern that are rooted in<br>the technology, such as viruses, hacks, or worms. Confidentiality is a set of rules that block the<br>access to critical information that might be accessed in this business. These rules are designed to<br>protect sensitive information from being accessed incorrectly, this information could include<br>something integral to the company and could possibly damage it. Integrity is the guarantee that<br>the information that is provided is accurate and can be trusted. In addition to this, integrity is also<br>making sure the data does not get tampered with by malicious parties and is usually done with<br>intent to hurt the company, so it\u2019s essential to encrypt data and only allow trust worthy<br>authorities. Availability is an assurance that the information can be accessed by the proper people<br>that have that authorization. This also involves maintaining hardware and technical systems to<br>make sure they are up to date to receive all the latest information. Mentioned in the Chai article,<br>the CIA triad is important because \u201cConsidering these three principles together within the<br>framework of the \u2018triad\u2019 can help the development of security policies for organizations.\u201d (Chai<br>article pg2.) Even though this is just a common concept it\u2019s the one that is very important for any<br>organization to have because it helps with the safety policies of sensitive information that could<br>otherwise be exploited or taken by malicious actors. According to Fortinet, \u201cYou should use the<br>CIA triad in the majority of security situations, particularly because each component is critical.\u201d<br>(Fortinet). As provided the CIA Triad is a very important tool regarding cybersecurity in a<br>organization and business, especially to prepare and fight off attacks.<br>What is the difference between authorization and authentication<br>The difference between Authorization and Authentication is the ability to access<br>something and if you are able to access that information. Authentication is more closely related<br>to the integrity part of the triad, because with authentication you have to prove who you are and<br>why you should be able to access this information. Authorization is closely related to the<br>confidentiality portion of the triad, where once you have authentication, you can now authorize<br>that particular piece of information. A way you could see both of them being used together would<br>be a multi-factor authentication, you have this system in place to protect your information or<br>accounts, you have to first authenticate yourself in order to be able to authorize it.<br><strong><em>Example of CIA Triad<\/em><\/strong><br>An example of the CIA Triad in practice would be in a ATM. Confidentiality is<br>maintained by two factor authentication which would be the debit card or credit card and your<br>pin number to authorize your account information. The machine itself runs the integrity right into<br>the bank and will reflect any changes made to the account up to date. The Availability would be<br>in case something happens to this particular machine you have other areas around with ATMs<br>and the bank that you could go to and access the information there.<br><strong><em>Conclusion<\/em><\/strong><br>The CIA triad is a very simple yet critical model that is used by organizations specifically<br>to maintain information over the cyberspace. This model includes confidentiality which protects<br>the information, the Integrity which maintains the trustworthiness and accuracy of the<br>information, and the Availability is the ability to access the information and keep it backed up in<br>case something happens to it during transit. This model also including Authorization, which is to<br>access the information that is being stored and Authentication which is the ability to prove who<br>you are and that you are supposed to access said information. Each letter represents a important<br>principle in Cybersecurity and information security because when all the concepts are brought<br>together it can provide a strong defense against any malicious actors.<br><em><strong>References:<\/strong><\/em><br>The Chai Article about the CIA Triad<br>https:\/\/drive.google.com\/file\/d\/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l\/view?usp=sharing<br>What is the CIA Triad and Why is it important?. Fortinet.com. Retrieved September 17, 2023,<br>from<br>https:\/\/www.fortinet.com\/resources\/cyberglossary\/cia-<br>triad#:~:text=The%20three%20letters%20in%20%22CIA,and%20methods%20for%20creating%<br>20solutions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Alexander ConradProfessor KirkpatrickFall CYSE 200TThe CIA TriadBLUFThe CIA Triad is a common model that is used by Information security in an organizationas a guide for people in information security to find and locate areas of concern. In terms ofauthentication and authorization, authenticity is proving who you say you are and authorizationis the given access once&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/2023\/09\/23\/the-cia-triad\/\">Read More<\/a><\/div>\n","protected":false},"author":26016,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/posts\/274"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/users\/26016"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/comments?post=274"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/posts\/274\/revisions"}],"predecessor-version":[{"id":278,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/posts\/274\/revisions\/278"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/media?parent=274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/categories?post=274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/alexanderconrad-cyse200t\/wp-json\/wp\/v2\/tags?post=274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}