WRITE UP: THE CIA TRIAD

Using the Chai Article (Links to an external site.), along with additional research you will conduct on your own, describe the CIA Triad, and the differences between Authentication & Authorization, including an example.

Ashley Mejia Macias

CYSE 201T 

February 21, 2025

The CIA Triad 

The CIA Triad stands for confidentiality, integrity and availability which are the three core principles for this fundamental model in cybersecurity. It also has a nickname of AIC to avoid confusion between the Central Intelligence Agency. This article explains how fundation the CIA triad is and how although it is effective it needs an update especially with modern technology. 

Confidentiality is a function to ensure that sensitive information is accessed only by authorized access. It involves privacy to the highest degree in cybersecurity. Strict measures are implemented to help with this category. Some examples of these measures are encryption and access controls to maintain confidentiality. 

Integrity makes sure that the data is accurate and untouched. It involves consistency, trustworthiness and accuracy of data. Some examples are checksums and hashing to help maintain integrity. There’s strategies that must be put in place to make sure data cant be altered during transit by unauthorized people or it will be a breach of confidentiality. 

Availability manages that information and resources should be at all times readily accessible for authorized users when needed. This includes properly maintaining hardware, technical infrastructure and systems that carry and exhibit the information at hand. 

Authentication and authorization are both different concepts that may appear the same. Authentication is the process of identifying a user or system. For example a password and username and for added security a MFA (multi-factor authentication) like a text message or email. Authorization determines what an authenticated user can do and what permissions they have. This step is usually after authentication and an example would be having different permissions as a manager to view different things like balances, transfer funds, administrative functions , etc. 

References

Chai, W. (n.d.). What is the CIA triad_ definition, explanation, examples – techtarget.pdf. Google Drive. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view 

Shea, S. (2022, August 11). What is Data Security? the ultimate guide. Search Security. https://www.techtarget.com/searchsecurity/Data-security-guide-Everything-you-need-to-know