CIA Triad

Confidentiality

Confidentiality ensures that sensitive information is only accessible to authorized individuals. For instance, in a hospital setting, patient records are confidential and can only be accessed by authorized healthcare professionals. Unauthorized individuals, such as other patients or visitors, must not access these sensitive records.

Integrity

Data integrity is the practice of protecting data and information from unauthorized modification. It ensures that data remains unaltered both while at rest and during transit. For instance, if test scores were to be changed in a math exam, it could lead to unfair outcomes and loss of trust in the examination system. We can ensure data integrity using various tools, such as hashes or checksums, data validation, digital signatures, access controls, and logs. For example, the hashes or checksums before and after transit must match to ensure that the data's integrity is not compromised. Another example is how digital signatures offer a secure way to verify the authenticity and integrity of digital documents or messages.

Availability

Cybersecurity is not only about protecting data but also ensuring that it is always available. This fact is known as availability, and it involves guaranteeing data and information through the accessibility of resources such as servers, networks, computers, and other systems and network resources. However, threats like system failures, cyber-attacks, or natural disasters can disrupt availability. Therefore, maintaining critical data and systems availability as much as possible is crucial for a business's profitability, people's well-being, and many other benefits.