Raegan Adgerson
CYSE 200T
February 15th,2026
Professor Duvall

2026: Understanding the CIA Triad
BLUF: In this write-up, we will understand one of the fundamental models in Cybersecurity: confidentiality, Integrity, and Availability. We will understand the Chai article and the difference between authentication and authorization, alongside research from other sources.

Confidentiality
This is the principle that focuses on privacy. It is foundational as it is the first letter to appear in the triad; it was first proposed as early as 1976 in a study conducted by the Air Force. Organizations maintain confidentiality by encryption, multi-factor authentication, or role-based access. Confidentiality is all about having restrictions on information.

Integrity
Integrity is about making your data trustworthy. Data is protected from unauthorized users and tampering. Companies make sure their data has not been modified by the use of encryption, hashing, and digital signatures (SailPoint, 2025). Integrity joined the triad around 1987, when data correctness was becoming more important.

Availability
This principle ensures that all information is consistent and accessible to the user. Systems should be functioning when necessary, so both the client base and employees can access information. An example of a disruption to Availability would be DDoS attacks and ransomware.

Authentication
Authentication identifies the user. It is usually the initial step in the security process. This is typically done using a password. Something we use at ODU that authenticates who we are before we access any of ODU’s data is Duo Mobile. ODU identifies you, but making you put your username and password in. They authorize you by using Duo Mobile.

Authorization
This process actually gives you access to the information. Authorization determines what information a person can obtain. You can be identified but still not have access to all the components of the organization(Fortinet, 2026). The difference between authentication and authorization is that authentication confirms who you are, and authorization allows you to look at the information you need after authenticating yourself.

Conclusion
To summarize it all, the CIA triad is an essential blueprint to the foundations of Cybersecurity and authentication identify the user and is usually the first step in the process. And authorization is the permissions given to you after you identify yourself to the system. By using these systems in tandem, organizations can defend against digital threats and confirm that People can access the right information at any time.