In the field of cybersecurity, the CIA Triad is a guide used to direct an organization's efforts and the creation of policies that help keep its information safe and secure. The concept does not have a concrete date of origin but was established as a definitive concept in 1998. The guide encompasses three principles: confidentiality, integrity, and availability. Confidentiality means that only authorized personnel are able to access specific important information (data records, monetary records, etc.). Integrity refers to data being maintained in a correct state, with no one able to corrupt it accidentally or maliciously. Lastly, availability refers to authorized users being able to retrieve data whenever they need to.
The CIA Triad is important because it allows organizations to decrease the chances of being corrupted by unknown and unauthorized sources. For confidentiality, organizations would enforce PIN codes, password security, physical security, specific ID access, etc. This makes sure that the people who are allowed to see certain pieces of information are the only ones seeing them. For integrity, organizations keep electronic or paper copies of specific information so that there is a record or hard copy of any form of information. Lastly, availability refers to the organization being attainable or reachable even when it isn't in service.
In the field of cybersecurity, it is not only the CIA Triad that is important but also the two A's: authentication and authorization. Authentication incorporates processes that allow systems to determine whether a user is who they say they are. For example, a common authentication method used today is two-factor authentication. It sends an alert to another mobile device, which makes sure the person logging in knows that their account is being logged into. Authorization regulates who has the clearance to access which sets of data. An example of this is having ID cards that are swiped before entering specific areas. Someone who works in the public relations department shouldn't be able to swipe their card into the finance or operations management departments. Public-key cryptography is a widely used configuration that implements both authentication and authorization by validating that a person is who they say they are via cryptographic keys. These two concepts together further protect an organization's integrity and decrease the chances of cyber-attacks.
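The ID card scenario above, as an added example that is not part of the original text: a badge swipe is first authenticated (is the badge genuine?) and only then authorized (may this department enter this area?). It assumes a shared-key HMAC tag as a standard-library stand-in for the public-key signatures mentioned above; the key, employee IDs, department names and function names are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key (assumption); a real system would keep this in a secrets store.
BADGE_KEY = b"constructed-demo-key"

# Authorization policy (constructed): areas each department's badge may enter.
ACCESS_POLICY = {
    "public_relations": {"lobby", "public_relations"},
    "finance": {"lobby", "finance"},
}

def _tag(payload: str, key: bytes) -> str:
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()

def issue_badge(employee_id: str, department: str, key: bytes = BADGE_KEY) -> str:
    """Create a badge string 'id|department|tag' bound to the issuer's key."""
    if "|" in employee_id or "|" in department:
        raise ValueError("field separator not allowed in badge fields")
    payload = f"{employee_id}|{department}"
    return f"{payload}|{_tag(payload, key)}"

def authenticate(badge: str, key: bytes = BADGE_KEY):
    """Authentication: return (employee_id, department) if the tag verifies, else None."""
    parts = badge.split("|")
    if len(parts) != 3:
        return None
    employee_id, department, tag = parts
    expected = _tag(f"{employee_id}|{department}", key)
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return employee_id, department

def authorize(department: str, area: str) -> bool:
    """Authorization: is this (already authenticated) department allowed in the area?"""
    return area in ACCESS_POLICY.get(department, set())

def swipe(badge: str, area: str) -> str:
    identity = authenticate(badge)
    if identity is None:
        return "deny: authentication failed"
    employee_id, department = identity
    if not authorize(department, area):
        return f"deny: {employee_id} not authorized for {area}"
    return f"allow: {employee_id} may enter {area}"

if __name__ == "__main__":
    pr_badge = issue_badge("E100", "public_relations")
    for area in ("public_relations", "finance"):
        print(swipe(pr_badge, area))
    print(swipe(pr_badge.replace("public_relations", "finance", 1), "finance"))
```

A genuine public relations badge passes authentication but is refused at the finance door, while a badge edited to claim the finance department fails authentication before the policy is ever consulted.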