BLUF
The importance of the CIA Triad (confidentiality, integrity, and availability) and the key differences between authentication and authorization.
CIA Triad
In the cybersecurity field a good model to use to ensure best practice is the confidentiality, integrity, and availability triad. These ensure that your systems will not be compromised and that appropriate employees will be able to access the necessary information for their specific role.
The confidentiality part of the triad is arguably the most important part, without the implementation of the confidentiality side of the triad triangle you would have poor integrity and poor availability. These steps require unique passwords, two-step verification, and even encrypting your router can all ensure network and device security (Federal Trade Commission, 2022).
The integrity of these documents comes once you have good confidentiality. To ensure integrity you should have a login tracker, edit tracker, and download history. This ensures a lack of malicious tampering of the secured documents on the site (Office of Information Security, Washington University, n.d.).
The last part of the triad is one that ensures access and that is availability. It is pivotal that customers and staff have access to the necessary information and that is where the availability aspect comes in. Even with good confidentiality and good integrity you need the ability to keep your networks running. One example is to have a disaster recovery system so the systems can be up as fast as possible (Fortinet, n.d.).
Authentication vs. Authorization
Authentication is when you prove that you are who you are and authorization is the permission to access something (Okta, 2024). An example of authentication is your unique username and password or the two-step verification in place at the majority of these companies and services. An example of authorization is getting a server code or invitation link allowing you to view something generally restricted from the public.
Conclusion
Despite what some believe, I think the CIA Triad is still well within the times and can still be used in the present day. I believe the three components still are very much active and have their specific roles. I also think it is important how there are so many authentication ways, like on my macbook I have a biometric reader of my fingerprint and then anything restricted gets alerted to my phone. The authorization is a little harder for me to wrap my brain around just because I have yet to need it at this time.
References
Federal Trade Commission. (2022, August). Securing Your Internet-Connected Devices at Home. Federal Trade Commission Consumer Advice. Retrieved October 4, 2025, from https:\/\/consumer.ftc.gov\/articles\/securing-your-internet-connected-devices-home
<\/p>\n\n\n\n
Fortinet. (n.d.). What is the CIA Triad and Why is it important? Fortinet. Retrieved October 05, 2025, from https:\/\/www.fortinet.com\/resources\/cyberglossary\/cia-triad
Office of Information Security, Washington University. (n.d.). Integrity. Office of Information Security. Retrieved October 04, 2025, from https:\/\/informationsecurity.wustl.edu\/items\/integrity\/
<\/p>\n\n\n\n
Okta. (2024, September 02). Authentication vs. Authorization. Okta. Retrieved October 04, 2025, from https:\/\/www.okta.com\/identity-101\/authentication-vs-authorization\/<\/p>\n","protected":false},"excerpt":{"rendered":"
BLUFThe importance of the CIA Triad (confidentiality, integrity, and availability) and the key differences between authentication and authorization. CIA Triad In the cybersecurity field a good model to use to ensure best practice is the confidentiality, integrity, and availability triad. These ensure that your systems will not be compromised and that appropriate employees will be… <\/p>\n