The CIA Triad is a foundational cybersecurity model made up of Confidentiality, Integrity, and Availability. Aside from the Chai article, I found another article that emphasizes how these three principles work together. The Chai article defines the CIA Triad as follows: “Confidentiality, integrity, and availability, also known as the CIA Triad, is a model designed to guide policies for information security within an organization.” (Chai, 2022) The Fortinet article defines it as, “The three letters in ‘CIA triad’ stand for Confidentiality, Integrity, and Availability. The CIA triad is a common model that forms the basis for the development of security systems.” (Fortinet, 2025)
Authentication and authorization are closely related but serve completely different purposes in cybersecurity, while both support the Confidentiality pillar of the CIA Triad. Authentication is the process of verifying a user’s identity before granting them access to a system. As stated in the Chai article, “User IDs and passwords constitute a standard procedure; two-factor authentication (2FA) is becoming the norm.” (Chai, 2022) This shows that authentication relies on credentials and verification methods to confirm identity. One example of my use of authentication is when I log into my bank account using a password plus a one-time code that is sent to my phone. Another example is when I unlock my iPhone using my password or Face ID. Authentication is essentially a system asking, “Are you really who you say you are?”
Authorization determines what an authenticated user is permitted to access once their identity has been verified. As stated in the Fortinet article, “Access to information must be controlled to prevent the unauthorized sharing of data whether intentional or accidental.” (Fortinet, 2025) This emphasizes how authorization is the mechanism that limits access after authentication has already occurred. One example of my use of authorization is from when I worked in fast food: I was a manager, and even though I successfully logged into the company network (authentication), I still couldn’t access payroll files because I was not HR. Another example is logging into Canvas to see my upcoming assignments but not being able to edit my own grades. Authorization is essentially the system asking, “What permissions do you have?”
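
The two questions above can be seen as two separate checks in code. The following is an added example, not taken from the essay or the cited articles: the account names, passwords, roles and permission strings are constructed, and the one-time code is modeled as a time-based code (RFC 4226/6238) rather than a text message.

```python
import hashlib, hmac, struct, time

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time code per RFC 4226 (HMAC-SHA1 with dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def pw_hash(password: str, salt: bytes) -> bytes:
    """Salted, slow password hash; the plaintext password is never stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password, salt, otp_secret, role):
    return {"salt": salt, "pw": pw_hash(password, salt),
            "otp_secret": otp_secret, "role": role}

# Constructed sample accounts and roles (hypothetical, for illustration only).
USERS = {
    "shift_manager": make_user("grill-Master-42", b"salt-A", b"12345678901234567890", "manager"),
    "hr_clerk": make_user("payroll-Pro-77", b"salt-B", b"09876543210987654321", "hr"),
}
ROLE_PERMISSIONS = {
    "manager": {"schedule:read", "schedule:write"},
    "hr": {"schedule:read", "payroll:read"},
}

def authenticate(username, password, otp, now=None):
    """Authentication: 'Are you really who you say you are?'
    Both factors must match; returns the username on success, else None."""
    user = USERS.get(username)
    if user is None:
        return None
    step = int((time.time() if now is None else now) // 30)  # 30-second code window
    pw_ok = hmac.compare_digest(pw_hash(password, user["salt"]), user["pw"])
    otp_ok = hmac.compare_digest(otp.encode(), hotp(user["otp_secret"], step).encode())
    return username if (pw_ok and otp_ok) else None

def authorize(username, permission):
    """Authorization: 'What permissions do you have?' Anything not granted is denied."""
    role = USERS.get(username, {}).get("role")
    return permission in ROLE_PERMISSIONS.get(role, set())

def access(username, password, otp, permission, now=None):
    """Full request path: authenticate first, then authorize."""
    who = authenticate(username, password, otp, now)
    if who is None:
        return "401 not authenticated"
    return "200 ok" if authorize(who, permission) else "403 not authorized"
```

A manager who logs in correctly still receives "403 not authorized" for `payroll:read`, which matches the fast-food payroll scenario: the identity check passed, the permission check did not.
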
In conclusion, the CIA Triad highlights the importance of confidentiality, integrity, and availability in maintaining secure information systems. Authentication and authorization work together closely to protect these principles by making sure only authorized users can access what they should. Overall, the CIA Triad model reduces security risks and keeps cybersecurity strong.