CIA Triad of Information Security

What Does CIA Triad of Information Security Mean?

Confidentiality, Integrity and Availability (CIA) are the three foundations of information systems security (INFOSEC). The purpose of the CIA Triad is to focus attention on risk, compliance, and information assurance from both internal and external perspectives.

Advertisements

  • Confidentiality — Information and Communication Technology (ICT) systems and data can only be accessed by authorized entities. The Principle of Least Privilege (PoLP) and Zero Trust both support confidentiality.

  • Integrity — Data can be trusted to be accurate and complete while at rest, while in use and while in transit. Key processes that support integrity include confidential computing and encryption.

  • Availability — Data and information systems are always accessible. High availability (HA) is supported by redundancy, predictive analytics and cloud computing.

Techopedia Explains CIA Triad of Information Security

Cybersecurity requires a layered, defense-in-depth strategy that supports confidentiality, integrity and availability. The CIA Triad provides a risk assessment framework that can be used to prioritize goals, purchases and policy.

The pillars of confidentiality, integrity and availability can be used to guide the creation of security controls that limit risk. While all security initiatives should should address each part of the framework, one of the three pillars of the framework might take precedence over another depending on the organization’s purpose.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Blockchain

Lessons From When the DEA Lost $55,000 in a Crypto Scam

Mensholong Lepcha9 months
dummy_img
Artificial Intelligence

AI Needs To Be Explainable When It Enters the Classroom

Dr. Tehseen Zia9 months
dummy_img
Artificial Intelligence

Will ChatGPT Mean An End to Human Moderation Jobs?

Kaushik Pal9 monthsTechnology Writer
dummy_img
Blockchain

Why ‘ReFi’ is the Latest Word in the $35tn Sustainable Investing Market

Assad Abbas9 monthsTenured Associate Professor of Computer Science at COMSATS University
dummy_img
Cryptocurrency

Crypto Tech is Changing All Traditional Industries – Here’s How

Arthur Cole9 monthsTechnology Writer
dummy_img
Blockchain

Not So Black And White: Exploring Grayscale’s Victory in Spot Bitcoin ETF Case

Sam Cooling9 monthsCrypto & Blockchain Writer

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
Trading
Trading
VoIP
VoIP
VPN
VPN