Professional Documents
Culture Documents
Unit 1 Assignment
CIA Triad
CIA Triad
The CIA triad, which stands for confidentiality, integrity, and availability, is a model that
helps organizations establish policies for information security and it is the foundation of
cybersecurity. Confidentiality means keeping data secret or private, by using encryptions, access
control, and authorization to information on a need-to basis (Furhlinger, 2020). Integrity means
that data is retained in an accurate state and protected from accidental and malicious
modification (Chai, 2023). Availability means data is available and acceptable to legitimate users
whenever they need the data. It is essential to maintain a balance while implementing security
measures for the CIA triad. If the security measures make it difficult for authorized users to
access data, such measures cannot be considered effective as they would discourage users from
using it. Thinking about the CIA triad helps make sense of various security options and
priorities. It helps us focus on a balanced solution that is secure, usable, and reliable (Furhlinger,
2020).
find a story about failed cybersecurity attacks. After hours of searching, I found one relevant
story. CrowdStrike a cybersecurity firm reported that a suspected Russian hacker who was
responsible for hacking many US government agencies had failed his hacking attempt on
CrowdStrike (CNBC, 2020). The hacker had attempted to read CrowdStrike emails using a
Microsoft reseller account. CrowdStrike a strong promoter of CIA triad, maintains tight security
controls. Confidentiality, most of their data is encrypted, and in transit, in the event email or data
is accessed it will not be usable to the hacker. Integrity, CrowdStrike maintains dual
3
authentication meaning data is accessible to authorized users only. Availability, use of VPN, dual
To conclude, I would say that, the CIA triad is one of the fundamental yet very effective
guiding principles when it comes to Cyber security. Data confidentiality is one of the major
concerns of big and small businesses, and one of the effective ways to maintain confidentiality is
to encrypt data at rest and in transit. Without data integrity, data is not reliable and thus unusable.
Maintaining data integrity using various methods like information classification, access control,
and authorization is essential. Finally, data is useful only when it is available when it is required.
Hence data availability is also one factor one needs to consider when designing Cybersecurity
solutions.
4
References
Chai, W. (2021, January). Confidentiality, integrity and availability (CIA triad). TechTarget.
https://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA
CNBC. (2020). Suspected Russian hackers made failed attempt to breach CrowdStrike, company
attempt-to-breach-crowdstrike.html
Furhlinger, J. (2020). The CIA triad: Definition, components and examples. CSO.
https://www.csoonline.com/article/568917/the-cia-triad-definition-components-and-
examples.html