The CIA triad: Definition, components and examples
What is the CIA triad? The CIA triad components, defined
The CIA triad is a widely used information security model that can guide an organization’s efforts and policies aimed at keeping its data secure. The model has nothing to do with the U.S. Central Intelligence Agency; rather, the initials stand for the three principles on which infosec rests:
- Confidentiality: Only authorized users and processes should be able to access or modify data
- Integrity: Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously
- Availability: Authorized users should be able to access data whenever they need to do so
These three principles are obviously top of mind for any infosec professional. But considering them as a triad forces security pros to do the tough work of thinking about how they overlap and can sometimes be in opposition to one another, which can help in establishing priorities in the implementation of security policies. We’ll discuss each of these principles in more detail in a moment, but first let’s talk about the origins and importance of the triad.