CIA Triad

The CIA triad is a well-known, widely used information security model. It can guide an organization’s efforts and policies to keep its data secure. The initials stand for three principles. The C stands for confidentiality. Confidentiality means that only authorized users and processes should be able to access or modify data. The I stands for integrity. Integrity means that data should be maintained in a correct state and that nobody should be able to improperly modify it, either accidentally or maliciously. The A stands for availability. Availability means that authorized users should be able to access data whenever they need to do so.

One unusual fact about the CIA triad is that it doesn’t seem to have a single creator or proponent. Instead, it evolved over time as an article of wisdom among security pros. The three concepts seem to have been well established as a foundational concept by 1998.

The CIA triad is important because it’s a way to make information make sense to you. For example, you can start asking questions such as “Does this make our information more locked down and harder to access?” instead of just spending money without knowing what’s going on.

Cybersecurity falls under the rubric of confidentiality. Under the rubric of confidentiality there are authentication and authorization. Authentication is what systems use to determine whether a user is really who they say they are. For example, to get into a bank account you need to use a password, but after that there may be security questions to identify yourself. The security question is the authentication. Authorization is what determines who has access to which data. For example, many companies have files that are only accessible by their creators. Also, information security pros may have access to files that their coworkers under them can’t access.

Overall, the CIA triad is a great concept or guide to follow for understanding information security.
