Marlowe Cosby
IT 200 CRN 20192
9/27/20
Confidentiality, Integrity, and Availability are the three key elements of this foundational security model. They have proven to be efficient in helping organizations and personal matters be or become more secure over the last twenty or so years. Confidentiality, only for authorized users, restricted access. Integrity, only authorized users are able to change information, therefore the info should be accurate and remain unchanged representing what it is intended to (Fruhlinger). Availability, reliably available as needed to those authorized to do so, possibly the amount of users in which can use it. Many things challenge the CIA triad, like large amounts of data and especially the internet of things also because there are so many devices with so much information that it has many vulnerabilities to protect.
The CIA triad is a foundational key without a lone creator. It came about purely over time sprouted from a share of wisdom and information between info security professionals (Fruhlinger). There are a few pieces of evidence brought up by Ben Miller, Vice president of a cybersecurity firm. The evidence dates back to 1976 and ranges until late 80s then is solidified as a foundational concept in 1998 by Donn Parker in his book. Which then led to a proposed extended version of the triad into a Hexad. The CIA triad is meant to be used as a guide for when an organization decides to write up and then implement its security policies and framework. Using the CIA triads way of planning and thought while setting key priorities (Fruhlinger). Also, what is interesting about it is most industry standard frameworks actually were inspired by the CIA triad and have based its framework off of it.
What really makes the CIA triad important and crucial to the cyber field is not only its strategies and tips on keeping data and info safe and secure but its balance of power between confidentiality, integrity and availability. All three work together in keeping things in order and showing how things happened. For example when a hacker uses a DoS or denial of service attack they break confidentiality when they get through restricted access, break integrity when they alter your data and info, and your services are no long available as needed even though you were authorized to have it. In a way you could even look at the US government branches as its own triad, possibly extended hexad. The three branches serve a balance of power all relying on one another to do its key job, and if one fails to do so it will affect all of them. The judicial branch could even be seen somewhat like the Integrity, the executive the confidentiality and the legislative as the availability and then federal gov and etc as the extended hexad. The key thing of this is that CIA all work together in ensuring a secure procedure for framework.
Identification itself is asserting your identity to a system. While authentication is confirming your identification of proving that you are who you claim to be. For example, whatever account you log into on a platform the username or ID is who you claim to be, your identification. While the password to the ID would be the authentication; passwords whether it be two factor authentication, typed passcode, face scan, or finger scanned, are all routes of authentication some more secure than others. For example, what we do every day here at Old Dominion, DUO push. We enter our unique student ID , and password yet that isn’t enough to ensure that it is us logging in, we then get a DUO push to another device separate asking us, is this you signing in online at this location at this time. Very secure and nice features that make you feel safer about your information in this account. Many platforms have two factor log in, Instagram, gmail, facebook and other apps many people use daily offer it. Yet, many decide not too because they see it as a hassle or annoying to do such and they would prefer having the risk of being hacked slightly increased. Some times that patient extra step saves a lot of people and keeps important information secure. In conclusion the CIA triad plays a key role in information security and isn’t leaving any time soon and it affects our daily usage of technology.
Reference
Fruhlinger, J. (2020, February 10). The CIA triad: Definition, components and examples. Retrieved September 23, 2020, from https://www.csoonline.com/article/3519908/the-cia-triad-definition-components-and-examples.html