Jayden Hood 

Professor Duvall

CYSE-200T

9/14/25 

What Is the CIA Triad? 

BLUF(Bottom Line Up Front):

The CIA Triad—Availability, Integrity, Confidentiality—is the underlying cyber security model that keeps information secure, reliable, and accessible. Authentication guarantees identity; Authorization determines access rights. Together they enforce the security rules of the CIA Triad(Chai, 2023; Fortinet, 2024).

What Is the CIA Triad? 

The CIA Triad is a basic model used in cybersecurity to help keep data and systems safe. It helps guide how we protect information. It means:

  • Confidentiality– Keeping data stored in a private or secured location from unauthorized access.
  • Integrity– Making sure that the data is accurate and not tampered with from unknown individuals.
  • Availability– Having data accessible to the right individual when needed(Chai, 2023).

Examples: 

🔐Confidentiality 

Example: A bank using multi-factor authentication(MFA) and end-to-end encryption to secure/protect customers online banking information. 

⚙️Integrity

Example: In medical systems, patients’ records are stored in a secure place so that only authorized doctors or nurses can access them or update them.

🔩Availability 

Example: A school or business using cloud storage for their students/workers to access materials online.

Authentication v/s Authorization

Although these two are often confused, they are very different and both are essential for building secure systems. 

  • Authentication– Is the process of proving that someone/something is who/what they claim to be. 
  • Authorization– Is the process of deciding what you’re allowed to do after you log in. 

Examples:

✅Authentication

Example: When you log in your email, you enter your password,face ID,or MFA. If you are given the correct information, the system confirms that the information you have given is actually you(IBM, 2024).

✅Authorization

Example: Once you finish logging in email(authentication), you can read and send emails, but not be able to change the setting for other individuals(Fortinet, 2024).

How Does This Connect To the CIA?

  • Confidentiality-Only that customer (and authorized bank personnel) can see their money data; the others cannot. The MFA + login ensures that.
  • Integrity-Bank accounts are accurate; unauthorized changes can’t be performed by a person who is not authorized. Tracing will show who altered what and when.
  • Availability- Banking infrastructure is present when the customer needs it; redundancy and backup systems exist to guarantee that even when there are failures, customers can be served (perhaps through mobile, etc.).

Conclusion

The CIA Triad—Confidentiality, Integrity, Availability information should be private, accurate, and available to the right people when they need it. Authentication and Authorization help make this happen. Authentication confirms who you are, and Authorization decides what you can do. Together, they both make systems secure while enabling the right people to easily use them(Fortinet, 2024).

📃References 

Chai, C. (2023). The CIA Triad: Confidentiality, Integrity, and Availability. Retrieved from https://sites.wp.odu.edu

IBM. (2024). Authentication vs. Authorization: What’s the Difference? Retrieved from https://www.ibm.com

Fortinet. (2024). Authentication vs Authorization. Retrieved from https://www.fortinet.com/resources/cyberglossary/authentication-vs-authorization