THE CIA TRIAD

Posted by fgonz006 on

MEASURES IN THE CYBER WORLD.
BY FELIPE GONZALEZ
Three of the most important guided core principles we have in Cybersecurity are
what we call the CIA triad, these pillars are designed to help as a guide in creating
policies for information security to protect data. We will discuss why Confidentiality,
Integrity and Availability principles help us employ measures to create secure digital
environments and why the first is as important as the last.

CIA TRIAD:
CIA triad is considered the most integral part that entails cybersecurity as a
whole, imperative for risk, assets and mitigations protections are based on this model.
We will discuss the importance of each principle and their primary roles safeguarding
data.

Confidentiality:
Confidentiality in short is to be secured and privacy, that only those that need
access to networks are the only ones and not anybody else. Is ment to protect access
of unauthorized access attempts, key safeguard in protecting data and access to
sensitive information. Confidentially set rules that limit access to information flow, this
can include 1- Data encryption which transforms your data into a non-human readable
format, 2- Different classifications which categorized data based on confidentiality and
sensitivity, 3- Biometric verifications which uses unique to the users biological
characteristics like iris scans and fingerprints and most popular multifactor
authentication which is a method that requires more than one authentication.

Integrity:
Integrity might be considered like the copyright in the cyber world, it just means
that creators are in fact the creators and not something that has been altered on its
transfer. It is meant to ensure document trustworthiness on its original stage and has
not undergone unauthorized modifications aka “ digital notary”, because it guarantees
authenticity of the original document. Some strategies used to safeguard your data
include 1- Hash functions to detect alterations, 2- Digital signatures to confirm authors
identity and 3- Guarantee unaltered electronic documents and Version control to track
changes.

Availability:
Availability is what it says it means, that it is available and only available to whom
is authorized. This will be your day today access to the systems and resources without
any hiccups. This principle is often left under-appreciated even though it is the very
means by which we can utilize data, if we are not able to connect to access our data, is
not a good day. It involves properly maintaining those systems, hardware and all the
infrastructure that holds all data. Key elements to ensure seamless user experience
might include 1- Uptime management which means all systems are green, minimizing
downtime and always working by rigorously maintaining all hardware, 2- SLA’s that
outlines expected level of service and, 3- Redundancy and backup strategies to help
with unexpected disruptions.

Who needs to access what?
When it comes to the access of information it is very important to know who can
access what, by issuing specific roles and permissions, one can track what data can be
accessed and by whom, it all depends on the role of the individual. We can break it
down by authentications and authorizations.
While authentication can verify the individual identity by either one of the multiples
security features implemented on a system like as simple like a username and
password to as complex as biometrics verification, will be just to gain access to the
system, while authorization grants or denies access based on authenticated roles and
responsibilities granted to an individual, so they go hand in hand.

Conclusion:
As you can see, Confidentiality, integrity and availability are the pillars of creation in
cybersecurity. They play an important role in managing policies and principles, do they
need to be updated? Probably, but regardless if they do, these three principles are a
roadmap in helping us pursue a more secure digital environment and protect against
cyber threats.

References:
Cochran, Kodi A. “The CIA Triad: Safeguarding Data in the Digital Realm. ” Cybersecurity Essentials, Apress L. P, 2024, pp. 17–32, https://doi.org/10.1007/979-8-8688-0432-82.
_
Wesley Chai. “What is the CIA Triad? Definition, Explanation, Examples – TechTarget PDF,
https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view

Leave a Reply

Your email address will not be published. Required fields are marked *