Introduction
The CIA Triad is a system the organizations can use to help develop the security policies for organizations. People can look at it as an interconnected system. The CIA Triad is built of three key parts: “ Confidentiality, Integrity and Availability”. The CIA Triad is a benchmark model in information security designed to govern and evaluate how an organization handles data when it is stored, transmitted , or processed.
History
The CIA Tread formed over time and doesn’t have a single creator. (CIS,2023)The study of confidentiality was first proposed as early as 1976 by the U.S. Air force. When the study was brought upon everyone two men named David Clark and David Wilson created an article called “A comparison of commercial and Military Computer Security Policies” in the article they recognized that we needed accounting records and data correctness. We always want to have a place to have our past and always want records to pull up if you have to show what happened in the past. (CIS,2023)When the idea became more widespread later in 1988 people saw the 3 concepts that they introduced as the CIA Triad.
Why does it matter?
This provides a template on how to identify risk and protect the networks from unauthorized activity through the right cybersecurity policies and mitigation measures. This is a template for organizations to use for their basic defenses for their company. This helps them understand what will happen and how to go about it to protect important information from the wrong people. (CIS 2023)This can evaluate your organizations and identify all data you store in context of the CIA triad to ensure that existing cyber polices and protection address the appropriate risk.
Differences between Authentication and Authorization
First I will define the two: (Shacklett,2021) Authentication is the process of determining whether someone or something is, in fact, who or what it says it is. So when you get on your phone and try to log into something with a lot of personal information it makes you verify if you are actually human or not by doing a little test. ( T.T., 2010)Authorization of official permission for something to happen, or the act of giving someone official permission to do something. For example, it’s like if my mother wanted to know any personal information about me in school she would have to get authorized by me to attain my information. Difference between the two is that one plays off another. Authentication is a person trying to become authorized to access the information they need. So the two play off each in my opinion.
Conclusion
In conclusion, the Cia triad is the basics every organization needs to know to lay out the foundation of their security measures. The CIA Triad has three key concepts which is Confidenity, Integrity, and Availability and these concepts help build your security measures. They also help you separate things from important to least important. Also Authentication and Authorization work off of each other.