Marquis Williams
The CIA Triad
Cybersecurity
CYSE200
Professor Kirkpatrick
January 28, 2024
Within an organization there are guidelines and policies put in place in order to keep information secure. The Confidentiality, Integrity and Availability, abbreviated as the CIA triad is the framework for cybersecurity. These core concepts is a guideline to ensure that information technology personnel have the tools necessary to work.
Looking more in depth at the CIA Triad, Confidentiality can be summarized as a need-to-know basis. An individual within the workplace with have an access card that will allow them to gain entry to certain rooms and higher levels within the building. For example, a new employee or a receptionist will not be able to gain entry to all rooms nor will they be able to view documents both physical and digital. But a chief executive officer will have access to all rooms and information. Another example would be temporary accommodation for a work order or a group assignment and then the area and documentations needed will be reviewed and those persons will have limited access to the information and to the specific area.
Integrity is being honest with you job and yourself. When a human resource worker has all the personally identifiable information or PII they are trusted not to discuss, give out, or lose that sensitive information without the proper authorization. Availability is the final foundation within the CIA Triad. When it come to this building block all information must be readily accessible, only for those who are on the need-to-know list.
When using the CIA Triad for an organization it is a good foundation for the cybersecurity team to set their standards on and then raise them as needed. Just as in the history of the CIA triad there is not a sole creator and has formed over time, since 1976.
Authentication is the process of proving or showing something is real, true or what somebody claims it is. Authorization is the official permission or power to do something; the act of giving permission. Why would knowing these definitions in its entirety be important? Within the workplace employees may have multiple tittles but because of their position they are not allowed to view, handle, or speak about certain without the proper the clearance. For example, a sanitation specialist will have authorization to enter rooms within a building to clean. While that same sanitation specialist must use their badge, with the photo on it to scan through doors and pass the security guards. Another example is an individual can purchase clothing or shoes that look like the real thing but without the proof there is no way to authenticate its legitimacy. And a pilot must get authorization to land on a runway at an airport. This pilot must get approval from another source before entering to avoid consequences.
References:
What is the CIA Triad_ Definition, Explanation, Examples – TechTarget.pdf – Google Drive
https://www.oxfordlearnersdictionaries.com/us/definition/english/authentication?q=Authentication