Authenticating, Authorizing, and the CIA Triad

Posted by cpatt014 on
Cristina Patterson
June 1, 2025
Authenticating, Authorizing, and the CIA Triad
Three key concepts form the CIA Triad; confidentiality, Integrity, and availability. The model
creates a basic blueprint for information security within an organization and can help information
officers in the development of security programs for the organization.
Understanding the Importance of the CIA Triad
The CIA (confidentiality, integrity, and availability) triad serves as a standard for organizations
when developing policies for information security. Confidentiality is the practice of securing
information from unauthorized access. Integrity focuses on maintaining the accuracy and
trustworthiness of data by preventing unapproved changes, even if they are accidental.
Availability ensures that critical operating systems are accessible when needed, minimizing
disruption of the ordinary course of business. Together, these three principles guise the
development of security policies, strategies to minimize risk, and technical controls that help
control organizations from cyber attacks and threats.
Understanding the Difference Between Authentication and
Authorization
Authentication and Authorization are two essential but different functions in cybersecurity.
Authentication verifies the identity of a user or system- confirming they are who they claim to be.
This can include credentials like passwords or multifactor authentication. In contrast,
authorization grants permission to a user or system specifying what actions they are allowed to
carry out. So a user may be able to log into a computer at the organization using their
credentials, however, their access levels can be limited depending on their function at the
company.
Conclusion
In conclusion the CIA triad- Confidentiality, Integrity, and Availability forms a solid foundation for
competent cyber security practices. By incorporating the three, organizations can expect to have
sensitive data safeguarded, ensure availability of their operating systems, and defend against
cyber threats.
References
GeeksforGeeks. (n.d). Difference between authentication and authorization.
https://www.geeksforgeeks.org/difference-between-authentication-and-authorization/

Leave a Reply

Your email address will not be published. Required fields are marked *