CIA Triad Write-up 9/14/25

Mason Phillips
CYSE 200T
September 14, 2025
Professor Duvall

The importance of the CIA Triad

BLUF: The CIA Triad is a three-part model which serves as the basis for information
security and serves as a crucial part of cybersecurity for organizations.

Overview

The CIA Triad is a three-part model that stands for confidentiality, integrity, and
accountability. It is an important part of information security and “is a model designed to
guide policies for information security within an organization (Chai, 2022)”. Other than
being an important part of information security, it is also considered a crucial part of
cybersecurity as well.

Confidentiality

Confidentiality is the first main part of the CIA triad and is also essential to privacy.
“Confidentiality measures are designed to prevent sensitive information from unauthorized
access attempts (Chai, 2023)”. An example of confidentiality is encryption, which protects
the data from unauthorized access.

Integrity

Integrity means that the data is protected, and its reliability remains unchanged
through its lifecycle. One example of this is FIM or file integrity monitoring. “FIM tools track
and log changes to critical files, alerting security teams when unauthorized modifications
occur (Michael, 2025)”.

Availability

Availability means that data should be able to be accessed and used by authorized
users whenever needed. “This involves properly maintaining hardware and technical
infrastructure and systems that hold and display the information (Chai, 2023)”.

The difference between authentication and authorization

The authentication process determines who you are while authorization gives the
user access to systems. “The authentication process relies on credentials, such as
passwords or fingerprint scans, that users present to prove they are who they claim to be
(Kosinski, 2024).”, While “The authorization process relies on user permissions that outline
what each user can do within a particular resource or network (Kosinski, 2025)”. These
examples show the difference between authentication and authorization.

Conclusion

In conclusion, the CIA Triad is an important three-part system that serves as the
basis of information security through, confidentiality, integrity, and availability; however,
authentication and authorization also play an important part in data security for
operations.

References and Citations

  • Hashemi-Pour, C., & Chai, W. (2023, December 21). What is the CIA triad?:
    Definition from TechTarget. WhatIs.
    https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-
    CIA
  • Michael, T. (2025, July 25). What is integrity in cybersecurity?. Tolu Michael.
    https://tolumichael.com/what-is-integrity-in-cybersecurity/
  • Kosinski, M. (2025, April 15). Authentication vs. authorization: What’s the difference? IBM. https://www.ibm.com/think/topics/authentication-vs-authorization

One Comment Add yours

  1. Tim says:

    Nice article! Understanding the fundamentals is always key…this does exactly that.

Leave a Reply

Your email address will not be published. Required fields are marked *