The CIA Triad is a concept that has been around since the 1980s. Some would argue that it has become outdated and needs to be upgraded, but it is still practiced today due to its effectiveness. The CIA Triad, which stands for Confidentiality, Integrity, and Availability, is a model designed to guide organizations in policies pertaining to information security (Chai 2022). The CIA Triad is the foundation for cybersecurity policies that organizations utilize to maximize their security.
Confidentiality is the equivalent of privacy and is used to prevent sensitive information from being utilized by unauthorized personnel. Methods used to prevent unauthorized access include conducting special training to ensure personnel have the knowledge and familiarity they need when dealing with sensitive information. Tools such as 2-factor authentication, tokens, verification, etc., are used to ensure maximum security depending on sensitivity levels (Chai 2022). Organizations should also practice recognizing the differences between Authentication and Authorization. Authentication is simply the process of verifying a user, while authorization is the process of verifying what the user has access to (Auth0, 2025). For example, if someone is boarding a flight, their ID or passport is used to authenticate who the person is, while authorization is presenting the boarding pass to be authorized to board the plane (Auth0, 2025). Ensuring familiarity with the differences between Authentication and Authorization can help ensure not only confidentiality, but also the following components of the CIA Triad.
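The authentication/authorization distinction above, shown as an added example that is not taken from the cited sources: a request is first authenticated (the ID check) and only then authorized (the boarding pass check), and each failure gets its own HTTP status code. The user records, role names, the `payroll:read` permission, and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; a fixed salt keeps the example reproducible.
# In practice each user gets a random salt (for example from os.urandom).
SALT = b"constructed-demo-salt"

def _hash(password: str) -> bytes:
    """Derive a password hash with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

USERS = {  # hypothetical accounts
    "alice": {"pw": _hash("correct horse"), "role": "hr"},
    "bob": {"pw": _hash("battery staple"), "role": "intern"},
}
PERMISSIONS = {"hr": {"payroll:read"}, "intern": set()}  # hypothetical roles

def authenticate(username: str, password: str):
    """Authentication: verify who the user is. Returns the username or None."""
    record = USERS.get(username)
    # Hash and compare even for unknown names so timing does not reveal
    # which usernames exist.
    expected = record["pw"] if record else _hash("placeholder")
    matches = hmac.compare_digest(_hash(password), expected)
    return username if (record is not None and matches) else None

def authorize(username: str, permission: str) -> bool:
    """Authorization: verify what an already-authenticated user may access."""
    role = USERS[username]["role"]
    return permission in PERMISSIONS.get(role, set())

def handle_request(username: str, password: str, permission: str) -> int:
    """Return an HTTP-style status for a request needing `permission`."""
    user = authenticate(username, password)
    if user is None:
        return 401  # identity not verified (no valid ID)
    if not authorize(user, permission):
        return 403  # identity verified, access not granted (no boarding pass)
    return 200

if __name__ == "__main__":
    print(handle_request("alice", "correct horse", "payroll:read"))
    print(handle_request("bob", "battery staple", "payroll:read"))
    print(handle_request("bob", "wrong password", "payroll:read"))
```

Keeping the two checks in separate functions means a valid login never implies access by itself, which is the confusion the paragraph above warns about.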
Integrity is the maintenance of the reliability of data over its lifecycle to ensure no changes or alterations are made by unauthorized personnel. Measures taken by organizations include user access controls and version control as well as safeguarding permissions. Organizations also keep backups or redundant files to prevent data loss from corruption and to restore data to its correct state (Chai 2022).
Availability is the ability of authorized personnel to consistently view data and information. Methods used by organizations include maintaining networks and software by regularly conducting software updates and ensuring timely maintenance. Organizations ensure there is proper connectivity by regularly checking bandwidth and resources to ensure proper communication. Backup copies are made and safeguarded, typically in an isolated location, and an effective Disaster Recovery Plan is created in case of a worst-case scenario (Chai 2022).
The CIA Triad is an effective model that organizations should utilize to ensure InfoSec is practiced and maximized. The need for security is more important now than ever before. The CIA Triad should be upgraded due to the evolving cybersecurity landscape, but for now the CIA Triad is what organizations should utilize to maximize cybersecurity and protect their data.
References:
Auth0. (n.d.). Authentication vs. authorization. Auth0 Docs. https://auth0.com/docs/get-started/identity-fundamentals/authentication-and-authorization
Chai, W. (2022, June 28). What is the CIA Triad? Definition, explanation, examples. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view