Pillars of CIA Triad CYSE200T

Posted by jpabl004 on

Julian Pablo

Old Dominion University

CYSE200T

Professor Skip Hiser

15 February 2026

CIA Write Up

Pillars of CIA Triad

            BLUF: The CIA triad acts as foundational pillars that cover the most basic but important part of any security plan including confidentiality, integrity, and accessibility.

            The first pillar of the triad is confidentiality; it’s the assurance that private information is out of the reach from the general public. The general way to do this is to classify what data is considered public, private, and top secret (Chai, 2022). The people who are given permission to this information should be the only ones who have access to this information.

            A breach in confidentiality means private or secret information to be leaked. This can severely compromise an organization as it would mean private information spreading to masses rapidly—information that could be leaked includes company records, customer PII, and

            The next pillar of the triad is integrity; it’s the confirmation that data is correct and hasn’t been changed by unauthorized individuals. This ensures reliability in an organizations data and what’s inputted is actually correct. 

            Compromised integrity could lead to errors in databases. Hackers could either change employee profiles or even delete entire files of data (Cawthra, 2020).

            The last pillar is availability; it makes sure that systems and databases are accessible to employers and customers when needed. Essentially workers should have access to the databases that are authorized to them in order to complete their tasks, and customers should have access to the service 24/7 whenever they need to shop or contact a company (Chai, 2022).

            Loss of availability means loss of access for everyone. An example would be if amazon service were to randomly shut down. This means customer can no longer receive or make order and employees can’t process or access what orders need to be done. This is why availability is crucial as it could be mean the shut down of a whole system.

            Authentication and authorization acts as extensions of availability. They may all sound very similar, but they serve different purposes.

            Authentication is the verification of whether the person is the person of who they say they are. This is typically your username and passwords but there are other ways to verify as well. Most companies have a multi factor authentication where aside from password they use others keys like a keycard or bio scanners.

            Authorization makes sure a person only has access to the resources that they have permissions for (Auth0, n.d). For example, someone who has private clearance can access data that is classified as private, but the person cannot access top secret data as their permission isn’t high enough.

            In conclusion, the CIA triad is an essential part of information security (Auth0, n.d). Keeping data private from the public, ensuring reliability of data, and having consistent access are all key components that should constantly be considered. The triad is a foundation to any security plan that wouldn’t operate properly without it.

References

Auth0 Docs. Authentication vs. authorization. (n.d.). https://auth0.com/docs/get-started/identity-fundamentals/authentication-and-authorization

Cawthra, J. (2020, December). Executive summary — NIST SP 1800-26 documentation. NCCOE. https://www.nccoe.nist.gov/publication/1800-26/VolA/index.html

Chai, W. (2022). What is the CIA triad. What is the CIA Triad? Definition, Explanation, Examples. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view

Leave a Reply

Your email address will not be published. Required fields are marked *