CIA Triad

Posted by ktoma005 on

The CIA triad represents the fundamentals of cybersecurity, one element would not be able to exist without the other. The “C” in the triad means confidentiality, it’s the rules and regulations that limit the access to sensitive information. The “I” means integrity; it’s the assurance that the information is accurate. The “A” means availability, it’s a guarantee that the information will be there if anyone wants to access it.

Confidentiality

In confidentiality, data is categorized as by the amount of damage that will be done if the information is leaked to the public. To prevent the breach of confidentiality the company should train employees to recognize when an enemy is trying to compromise the documents and how they should conduct themselves as employees to not make it easy for the enemy to get their documents. Confidentiality is maintained by authentication of the user which is verifying the user by a pin number or password.

Integrity

For integrity, if data is moving from point a to point whether that be physical or digital it must not be changed, there needs to be rules and procedures to make sure that the only people that are able to see that data are authorized. To protect integrity the owner of the files or documents should be the only one with read and write access while the rest should have just read. Companies should also enforce documents to have a required digital signature as well as a log of who and when did someone make changes. Integrity is maintained by only allowing people that are authorized, which means has access to the documents, to view the documents. 

Availability

This is so that data is also accessible to those that have the clearance to do so. The maintenance of the infrastructure that data is stored on is crucial to this element.  To protect availability there needs to be systems in place that are current and up to date on their upgrades. If something is broken it needs to be fixed immediately or a work around should be provided, a recovery plan should be in case if something goes wrong and cannot be fixed.

Conclusion 

The CIA triad is reinforced by each other because one cannot exist without the other. Authentication and authorization are a pivotal part of the equation. The triad will continue to evolve as technology advances but the basics will always remain the same.

References

Chai,  Wesley. (2022). What is the CIA Triad? Definition,Explanation, Examples. In.

Moss,  Ryan. (2022). The CIA Triad, Authentication, and Authorization. In.

Leave a Reply

Your email address will not be published. Required fields are marked *