In this overview, I will be describing the fundamental concepts of the CIA Triad, along with also clarifying the difference between Authentication and Authorization. 

Introduction to the CIA Triad

What is the CIA Triad, you might ask? The CIA triad is a structure used to keep critical information within an organization secured (Chai, 2022). It stands for Confidentiality, Integrity, and Availability; the three essential principles that make up the CIA triad. Together, these three principles ensure that information remains confidential. By following the guidelines of the CIA triad, organizations can effectively protect themselves.

Confidentiality

Confidentiality is one of the essential elements when it comes to ensuring that sensitive information is only accessible to authorized individuals (Chai, 2022). Its primary focus is to protect any type of data within the organization from being exposed or misused. It often involves strict access to whoever is viewing/modifying the information. Confidentiality can also add security to identify any potential suspected risks. This helps organizations by making sure that their information is only accessible to trustworthy employees.  

Integrity

Integrity is another essential element of the CIA Triad. It focuses on the accuracy and consistency of data. Integrity makes sure that information is not being altered or tampered with by an unauthorized individual. It is vital to ensure that information is not at risk of a potential breach, for example, a breach of confidentiality (Chai, 2022). By implementing integrity, organizations can prevent an errors from occurring and unauthorized altercations being made to their information/data. 

Availability 

Lastly, availability is the final essential element of the CIA triad. Availability ensures that information is accessible to authorized individuals when needed. It focuses on the functionality of a system to ensure that no interruptions occur when an authorized individual tries to access any information. For example, availability often is backing up servers or taking any type of measures in case a system crashes/fails. Availability is crucial for an organization to operate without any type of disruptions impacting the systems that hold their information. 

Authentication vs Authorization

While many confuse authentication and authorization, they indeed are different from one another. Authentication is to verify the identity of the individual accessing an application or an account. For example, when logging into an account, after you put in your credentials, it may ask for a verification either from a phone number or personal email. While authorization determines what action the individual has the right to. For example, for an unauthorized user that’s not from Odu, to view this document, I have to authorize them access first. Although these words may sound and be spelled almost the same, their definition is different. 

Conclusion

In conclusion, the CIA triad is essential in the cybersecurity department. Without it, many organization’s information can be breached which can lead to misinformation being spread or misused. The CIA triad stops that from happening and ensures that sensitive information is kept secure within the organization. In other words, Authentication and authorization are equally crucial as the CIA triad. Together, they are both essential in providing protection.