The CIA Triad

Posted by kmerr012 on

In this assignment, I will be defining the CIA triad. I will be going over topics like the components
of CIA and what they stand for. I also will be listing the differences between authentication and
authorization.

What is the CIA triad?

The CIA triad, also known as Confidentiality, integrity, and availability, is a model designed
to guide policies for information security within an organization. The model is also known as the
AIC triad (availability, integrity, and confidentiality). This framework is key for helping
organizations upgrade and maintain maximum security while enabling staff to perform tasks like
data collection, customer service, and general management. The framework also helps data
professionals assess what went wrong during a malfunction or cybersecurity attack and how it
can be fixed. In determining when and where the framework happened, its unclear who exactly
created the framework, but some of the principles in it have been used by people like Julius
Caesar to safeguard critical information. Now, I will define what the CIA means.
To start, the “C” stands for confidentiality which involves protecting sensitive data private
and safe from unauthorized access. Confidentiality is on the same level as privacy. Confidentiality
measures are designed to prevent sensitive information from unauthorized access attempts. For
example, when you send emails, and you’re directing the contents of the emails to a specific
person or group of people, the protections in place that keep your email private are measures
related to confidentiality. Some others are passwords, locks, and tokens.
The “I” stands for Integrity, which makes sure data and business analyst are accessing
accurate information. Its main objective is to make sure its protecting data from being modified
by unauthorized parties, accidentally by authorized parties, or by non-human-caused events like
an electromagnetic pulse or server crashes. Actions to maintain the integrity of information are
encryption, hashing, user access controls, checksums, version control, and backups. If a
company provides information about senior managers on your website, this information needs
these actions to maintain the integrity of information.
The “A” stands for availability, which makes sure systems, networks, and applications
must be functioning as they should and when they should. It also should be swift and readily
available when individuals need certain information. Availability sometimes can be tricky due to
natural occurrences like denial of service (DOS), power outages, or natural disasters.
While the CIA triad is a good framework to use for the protection of information, it also
comes with some challenges. Big data has been an issue the CIA triad has dealt with because of
the ever-increasing amount of data coming in. As technology grows, more devices are
implemented to the streams of data in a variety of forms. Another challenge is internet of things
privacy and security. When internet-enabled devices enter the market, some devices remain
unpatched or use weak passwords. Making it possible for attackers to steal information and
reveal information that should be private.

Conclusion
The CIA triad is a framework that’s based off confidentiality, which makes sure data is safe and
private. Integrity, which makes sure the information being accessed is accurate information. And,
Availability, which makes sure the systems, networks, and applications are functioning as they
should be when individuals need to access certain information. This framework is important
because its necessary it assessing what went wrong and where it went wrong, while also
knowing what did work. This then determines the weak points in systems allowing us to fix them.


References
What is the CIA triad and why is it important?. Fortinet. (n.d.).
https://www.fortinet.com/resources/cyberglossary/cia-triad
freeCodeCamp.org. (2021, April 28). The CIA triad – confidentiality, integrity, and availability
explained. https://www.freecodecamp.org/news/the-cia-triad-confidentiality-integrity-and-
availability-explained/
What is the CIA triad?. Coursera. (n.d.). https://www.coursera.org/articles/cia-triad

Leave a Reply

Your email address will not be published. Required fields are marked *