The CIA triad is the basis for the operation of the CIA, and it is also what makes up the acronym of the CIA’s name: Confidentiality, Integrity and Availability. Through this acronym, the mission of the CIA is clearly and efficiently stated: to keep accurate and important information away from the eyes of those who may not be trustworthy, and to reliably allow that information to be accessed by those who are trustworthy. The first word in the CIA triad’s name is confidentiality, which is often used in place of privacy. It is meant to keep certain important pieces of information secret from those who may use the information to do harm rather than good. As the blank document clarifies, “It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands.” (Chai 1, 2022) Authorization is closely linked with confidentiality, as there are different tiers of how important and potentially damaging information can be accessed and given out based on the station of the person being authorized.
The second portion of the triad is integrity, which is typically used to mean a sort of truthful assurance; in the case of the CIA triad, it is the integrity of the information being provided. If the information provided by the CIA cannot be authenticated, or is speculative rather than fact, it would largely defeat the purpose of the CIA’s credibility with securing information. Authentication is affiliated with integrity, as authentication verifies whether the integrity of the information is present; if the information is not authenticated, its integrity cannot be verified. This also applies to the credibility of the personnel who are able to access data: if their integrity is not verified, it is very likely that the data itself may be considered compromised.
Similarly, authentication relates to the third and final word, availability. Availability is meant to assure that secret information is consistently accessible to authenticated personnel. As is stated within the CIA triad document, this is not limited to making sure that the information itself is available; it also pertains to the upkeep of the systems that secure the information. “This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.” (Chai 2, 2022)
The CIA triad efficiently and effectively communicates the mission of the CIA to the general public, as well as to those who may work for the CIA. As an example of the CIA’s mission: they handle confidential information, which may very well be related to military, economic, or otherwise political matters; they investigate to make sure that their information has integrity by being nothing less than factual and truthful; and they make sure that sensitive information is always available to the parties who need to access it. For any nation, the handling of information is integral to the nation’s very infrastructure, as anyone from foreign powers to domestic terrorists may seek to use the information kept by the CIA for purposes which may negatively affect the nation.
Furthermore, to keep the CIA running effectively, authorization and authentication are very important to the organization. While it is true that the CIA triad effectively explains the mission of the CIA, authorization and authentication need to be discussed to understand how that triad needs to be structured and put into practice, especially regarding confidentiality. As the CIA handles a variety of sensitive information, the organization must make sure that only those who are trusted can handle the information they need, and that someone who only needs certain information is authorized to access only that information. Using authorization limits the amount of information given out even to trustworthy individuals, making it far more likely for the information to be kept confidential and available only to those who need it.
However, to make sure that authorization is upheld, authentication must also be present. If the identity of the person who is trying to access the information cannot be authenticated, or verified, then that person is not allowed to access the information. Authentication is typically done through two avenues, two-factor authentication and biometric authentication, both of which are now present in many other organizations within the United States of America. Two-factor authentication often requires the user not only to enter a username and password, but also to receive another form of authentication on a separate device or account; this is often done through email or through a push notification on the user’s phone. Biometric authentication uses something unique about the user that cannot be easily replicated by another individual; this is often part of their biology, such as their fingerprint, their eye, or their entire face. These forms of authentication pay heed to the need for authorization, which in turn is needed by the CIA triad to properly function, allowing only those who are necessary to access the information involved and completing the triad’s goal of confidentiality, integrity and availability.
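The ordering described above, authentication with two factors first and then authorization limited by tier and by need, can be shown as a short access check. This is an added example, not taken from the cited source; the tier names, topic labels and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field
from enum import IntEnum

class Tier(IntEnum):              # constructed damage-based tiers (assumption)
    PUBLIC = 0
    SENSITIVE = 1
    SECRET = 2

@dataclass
class User:
    salt: bytes
    password_hash: bytes          # factor 1: something the user knows
    clearance: Tier
    need_to_know: set = field(default_factory=set)
    pending_code: str = ""        # factor 2: code sent to a separate device

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def new_user(password: str, clearance: Tier, topics: set) -> User:
    salt = os.urandom(16)
    return User(salt, hash_password(password, salt), clearance, set(topics))

def issue_code(user: User) -> str:
    """Generate the one-time code that would be pushed to the user's phone."""
    user.pending_code = f"{secrets.randbelow(10**6):06d}"
    return user.pending_code

def authenticate(user: User, password: str, code: str) -> bool:
    """Both factors must match; the code is single-use either way."""
    pw_ok = hmac.compare_digest(hash_password(password, user.salt), user.password_hash)
    expected, user.pending_code = user.pending_code, ""
    code_ok = bool(expected) and hmac.compare_digest(code.encode(), expected.encode())
    return pw_ok and code_ok

def access(user: User, password: str, code: str, tier: Tier, topic: str) -> str:
    """Authenticate first, then authorize by clearance tier and need-to-know."""
    if not authenticate(user, password, code):
        return "deny: identity not verified"
    if user.clearance < tier or topic not in user.need_to_know:
        return "deny: not authorized for this information"
    return "allow"
```

A verified user is still denied when the requested tier exceeds their clearance or the topic is outside what they need, which is the limit on trustworthy individuals that the essay describes.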
Works Cited
Chai, W. (2022, June 28). What is the CIA triad_ definition, explanation, examples – techtarget.pdf. Google Drive. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view