CIA Triad
Author: Rino, Created on Aug 30, 2025
The most fundamental and core model in cybersecurity, consisting of three key principles: Confidentiality, Integrity, and Availability.
The Cornerstone of Information Security
When discussing Cyber Security, we first need a model for our thinking. The CIA Triad is the most fundamental and core model in this field, consisting of three key principles: Confidentiality, Integrity, and Availability.
Nearly all security measures are designed to protect one or more of these three principles.
The Three Core Principles
- Confidentiality
  - Goal: To ensure that information is accessed only by authorized users and to prevent its disclosure to unauthorized individuals.
  - Analogy: The lock on your mailbox. Only you, the key holder, can open it to see the letters inside.
  - Common Technologies: Encryption, Access Control, Authentication.
- Integrity
  - Goal: To protect information from being altered or damaged by unauthorized parties, ensuring the consistency and accuracy of data.
  - Analogy: Your bank account balance. You would never want anyone, be it a bank employee or a hacker, to be able to arbitrarily change this number.
  - Common Technologies: Hashing, Digital Signatures, File Permissions.
- Availability
  - Goal: To ensure that authorized users have timely and reliable access to information and related services when needed.
  - Analogy: An ATM. When you need to withdraw money, you expect it to be working properly, not "out of service."
  - Common Technologies: Redundancy (e.g., RAID), Backup and Recovery, Load Balancing.
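The following added example (not part of the original article) puts one listed technology per principle into a single balance lookup, using the bank-balance analogy above: an access-control list for confidentiality, a keyed hash for integrity, and redundant copies for availability. The account name, users, key, and the choice of HMAC-SHA256 as the keyed hash are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo values: key, users and balance are illustrative only.
MAC_KEY = b"demo-key-not-for-production"
ACL = {"acct-1001": {"alice"}}  # who may read each account


def seal(record: dict) -> dict:
    """Integrity: attach a keyed hash (HMAC-SHA256) over the canonical record."""
    body = json.dumps(record, sort_keys=True).encode()
    tag = hmac.new(MAC_KEY, body, hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}


def verify(sealed: dict) -> bool:
    """Recompute the tag and compare in constant time."""
    body = json.dumps(sealed["record"], sort_keys=True).encode()
    expected = hmac.new(MAC_KEY, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["tag"])


def read_balance(user: str, account: str, replicas: list) -> int:
    # Confidentiality: deny by default unless the user is on the account's ACL.
    if user not in ACL.get(account, set()):
        raise PermissionError(f"{user} may not read {account}")
    # Availability: try each redundant copy, skipping replicas that are
    # down (None) or whose copy fails the integrity check.
    for replica in replicas:
        sealed = replica.get(account) if replica is not None else None
        if sealed is not None and verify(sealed):
            return sealed["record"]["balance"]
    raise RuntimeError("no healthy replica holds a valid copy")


def demo() -> dict:
    good = seal({"account": "acct-1001", "balance": 2500})
    # Same tag, altered balance: the change is detected by verify().
    tampered = {"record": {"account": "acct-1001", "balance": 999999},
                "tag": good["tag"]}
    replicas = [None, {"acct-1001": tampered}, {"acct-1001": good}]
    results = {"alice": read_balance("alice", "acct-1001", replicas)}
    try:
        read_balance("mallory", "acct-1001", replicas)
    except PermissionError:
        results["mallory"] = "denied"
    return results


if __name__ == "__main__":
    print(demo())
```

The lookup succeeds only when all three properties hold at once: the caller is authorized, at least one copy is reachable, and that copy's tag still matches its contents.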
Recommended Reading
- Popular Science:
  - (Book) Cybersecurity For Dummies by Joseph Steinberg.
- Textbooks:
  - (Book) Security+ Study Guide by Mike Chapple and David Seidl.
- Further Reading:
  - (Book) Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson.