When someone first hears CIA, usually the first thing that comes to mind is the Central Intelligence Agency, but within the cybersecurity field, this means something completely different. CIA stands for Confidentiality, Integrity, and Availability. This triad is used as the objectives of information security. Although there is no clear creator of the triad, it was a well-established concept by the 1998. This is when Donn Parker mentioned it in his book Fighting Computer Crime (Fruhlinger, 2020, p.2). But what does each part of the triad actually mean?<\/p>\n\n\n\n
Confidentiality Integrity<\/strong> Availability<\/strong> Conclusion<\/strong> When someone first hears CIA, usually the first thing that comes to mind is the Central Intelligence Agency, but within the cybersecurity field, this means something completely different. CIA stands for Confidentiality, Integrity, and Availability. This triad is used as the objectives of information security. Although there is no clear creator of the triad, it… <\/p>\n
<\/strong> To start off the triad, we have confidentiality. Confidentiality refers to having data\/info to be exposed to only those allowed to see it. Confidentiality can be farther explained with the two A\u2019s: Authentication and Authorization. Authentication is the process of a system making sure something\/someone is genuine; in other words, making sure you are you. Some examples of authentication include passwords\/PINs, tokens, biometrics or even multi-factor authentication. Then we have authorization which determines who can and who can\u2019t access info\/data. An example of authorization is when an executive is able to access certain files, but a regular employee isn\u2019t. <\/p>\n\n\n\n
Next up we have Integrity. Integrity refers to the data being modified by only those authorized to do so. This is so that the data can trusted; that it wasn\u2019t modified by anyone it wasn\u2019t supposed to be by. Integrity can be kept up by the same ways as confidentiality because the two go hand and hand. But other ways integrity can be maintained is with hashing or data checksums. <\/p>\n\n\n\n
Finally, we have availability. Availability refers to the data being available to those who need it and when they do. In order to keep up with availability, systems should be up to date, being able to handle its\u2019 workload. DoS attacks are an example of when there is lack of availability in a system. <\/p>\n\n\n\n
Like stated before, the CIA is an important part of information security. It provides systems with a guide in overall security policies and frameworks. \u201c Implementing the tirad isn\u2019t a matter of buying tools; the triad is a way of thinking, planning, and, perhaps most importantly, setting Industry standard cybersecurity frameworks\u201d. <\/p>\n\n\n\n
References<\/strong>
Dictionary.com, LLC. (1995). Dictionary.com. Retrieved March 18, 2022, from https:\/\/www.dictionary.com\/
Fruhlinger, J (2020). The CIA triad: Definition, components and examples
IDG Communications, Inc.
<\/p>\n","protected":false},"excerpt":{"rendered":"