The CIA Triad is a model designed to guide an organization's information security policies. It comprises three concepts: confidentiality, integrity, and availability. Confidentiality refers to rules that restrict access to data or information; it ensures privacy. Measures under this concept are designed to prevent sensitive information from being accessed by unauthorized persons. The second concept in the CIA Triad is integrity, which means maintaining the accuracy, trustworthiness, and consistency of data throughout its life cycle (What Is the CIA Triad? Definition, Explanation, Examples – TechTarget, n.d.). Availability means ensuring that data is readily and consistently reachable by authorized individuals. It mainly involves proper maintenance of the technical and hardware infrastructure that holds and displays the information (What Is the CIA Triad? Definition, Explanation, Examples – TechTarget, n.d.). According to Covert et al. (2020), the CIA Triad is a model that forms the foundation for the development of security systems. This model is used to find vulnerabilities and methods for constructing a solution.

The three concepts of the CIA Triad, confidentiality, integrity, and availability, are significant in the operation of a business. Treating them as distinct segments is crucial because it guides security teams as they work out ways to address each challenge related to cyber security. The CIA Triad is basic to data security in that whenever information is tampered with, the cause is a compromise of one of these segments. The CIA Triad is important in several ways. The principles that make up the Triad help guide the creation of security plans for companies (What Is the CIA Triad? Definition, Explanation, Examples – TechTarget, n.d.). The Triad is also used in evaluating needs for possible new technologies and products, which helps companies focus on crucial questions about the value provided in these three principal areas. According to Farsi et al. (2020), the CIA Triad helps make sense of the many security methods and services available. It also helps draw a clear picture of what is needed to address the security concerns.
The CIA Triad faces several challenges. The sheer volume of big data that a company may need to protect can be a challenge to the Triad, because of the many sources the data comes from and the various formats in which the data sets exist. Moreover, since the main task in big data is collecting all the information and making some useful interpretation of it, responsible oversight of the data is frequently lacking.
To curb these challenges, the following best practices should be implemented for each principle of the CIA Triad. For the confidentiality principle, information should be stored according to the level of privacy the organization requires. For the integrity principle, the use of recovery software is recommended. Moreover, employees should ensure they understand the regulatory requirements to reduce errors. For the availability principle, one should ensure that applications and systems are up to date.

Differences between Authentication and Authorization
Although authentication and authorization are used together, they are different processes for protecting a firm from cyber-attacks. According to Saxena et al. (2016), authentication is the process of verifying the user, while authorization is the procedure of verifying what the user has access to. According to Echeverria et al. (2019), the difference is that authentication decides whether it is the actual user, while authorization controls what the user may or may not access. Authentication is carried out before authorization; authorization is done after authentication is finalized. Authentication is changeable and visible to the user, while authorization is not changeable by the user.
An example of authentication: employees can access a human resource application containing confidential pay details through verification of their identity. An example of authorization: after the employees' access is authorized, they can access various levels of information based on the company's permissions.
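The human resource example above, written out in Python as an added example (it is not part of the original essay): identity is verified first, and only then are the company's permissions applied to decide which pay fields are returned. The account names, roles, pay fields and policy table are constructed for illustration.

```python
import hashlib
import hmac
import os

def _kdf(password: str, salt: bytes) -> bytes:
    # Salted, slow password hash from the standard library.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _kdf(password, salt), "role": role}

# Constructed sample data: accounts, roles and pay details are illustrative.
USERS = {"alice": _user("correct horse", "employee"),
         "bob": _user("battery staple", "hr_manager")}
PAY = {"alice": {"salary": 52000, "bank_account": "XX-0001"},
       "bob": {"salary": 61000, "bank_account": "XX-0002"}}

# Company permissions: whose records a role may open and which fields it sees.
POLICY = {"employee": {"scope": "self", "fields": {"salary"}},
          "hr_manager": {"scope": "any", "fields": {"salary", "bank_account"}}}

def authenticate(username: str, password: str):
    """Step 1, authentication: is this really the user? Returns name or None."""
    user = USERS.get(username)
    if user is None:
        _kdf(password, b"\x00" * 16)  # same work for unknown names
        return None
    ok = hmac.compare_digest(_kdf(password, user["salt"]), user["hash"])
    return username if ok else None

def authorize(principal, target: str) -> set:
    """Step 2, authorization: what may this verified user read about target?"""
    if principal is None:
        raise PermissionError("authentication must succeed first")
    rule = POLICY[USERS[principal]["role"]]
    if rule["scope"] == "self" and principal != target:
        return set()
    return set(rule["fields"])

def read_pay(username: str, password: str, target: str) -> dict:
    """Authenticate, then authorize, then return only the permitted fields."""
    principal = authenticate(username, password)
    allowed = authorize(principal, target)
    return {k: v for k, v in PAY[target].items() if k in allowed}
```

A correct password alone never widens what is returned: the employee role still sees only its own salary, while a failed login stops before any permission is consulted.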
In conclusion, when an organization creates a security program, the CIA Triad can be used as a significant yardstick that helps prove the need for the security controls applied. Almost all security activities use one of the three fundamental principles of the CIA Triad.

References
Covert, Q., Steinhagen, D., Francis, M., & Streff, K. (2020). Towards a Triad for Data Privacy. In scholarspace.manoa.hawaii.edu. http://hdl.handle.net/10125/64277
Echeverria, S., Lewis, G. A., Klinedinst, D., & Seitz, L. (2019). Authentication and Authorization for IoT Devices in Disadvantaged Environments. 2019 IEEE 5th World Forum on Internet of Things (WF-IoT). https://doi.org/10.1109/wf-iot.2019.8767192
Farsi, M., Daneshkhah, A., Hosseinian-Far, A., & Jahankhani, H. (2020). Digital Twin Technologies and Smart Cities. Springer International Publishing.
Saxena, N., Choi, B. J., & Lu, R. (2016). Authentication and Authorization Scheme for Various User Roles and Devices in Smart Grid. IEEE Transactions on Information Forensics and Security, 11(5), 907–921. https://doi.org/10.1109/tifs.2015.2512525
What is the CIA Triad? Definition, Explanation, Examples – TechTarget. (n.d.). WhatIs.com. Retrieved September 16, 2022, from https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA?jr=on