“Cybersecurity’s Big Three” CIA Triad

The CIA triad is a model that all organizations should use, not only to protect sensitive information and ensure availability, but also to build awareness of the foundation and best practices of information security. Chai (2022) describes best practices for each of the three components. For confidentiality, data should be handled based on the organization’s required privacy. For integrity, employees should be knowledgeable about compliance and regulatory requirements to minimize human error. For availability, a network or server monitoring system should be used (Chai, 2022).

CIA Triad

According to Chai (2022), the CIA triad is a model used to guide information security policies within an organization. Often, the model is referred to as the AIC triad (availability, integrity, and confidentiality) to avoid confusion with the Central Intelligence Agency (CIA). The CIA triad is crucial in cybersecurity as it ensures that information is available when needed, that only individuals with the proper authorization can access secure information, and that data is accurate. The CIA triad is essential for providing accurate authorization and authentication to your organization (Chai, 2022).

I would describe the CIA triad as your personal identity. When you are born in the United States, your parents are responsible for completing paperwork to obtain a Social Security card and a birth certificate. It is important, as you become an adult, never to share this information with others to protect your identity, unless requested by the right individuals. For example, when you go to the Department of Motor Vehicles to obtain a Driver’s License or Identification card, you are required to provide your Social Security Card, Birth Certificate, and proof of address (most recent bill sent to your address). To me, this is an example of Confidentiality because my personal information (Social Security Card and Birth Certificate) is only accessible to those authorized to view it (Department of Motor Vehicles Staff). When it’s time to obtain a new identification or license because I am close to the expiration date, the Department of Motor Vehicles will contact me via email or mail. This is an example of Integrity; the DMV is ensuring that my information (identification or driver’s license) remains accurate unless changed by authorized users (police department or state). Having the option to create a profile on the DMV website, to view my information when needed, is an example of Availability.
I think this scenario also describes Authentication and Authorization. When creating your profile for the Department of Motor Vehicles, you must create a username and password that verifies your information. However, creating a profile will not give you administrative access.

Conclusion

The CIA triad is an excellent source for understanding how crucial it is to protect sensitive information. Using this foundation not only for technical purposes, but also for interactions such as those with the Department of Motor Vehicles, shows that cybersecurity is needed in everyday life.
