Cybersecurity
CIA Triad
Quick Definition
The three fundamental security principles: Confidentiality (protecting data from unauthorised access), Integrity (ensuring data accuracy), and Availability (ensuring data is accessible when needed).
Detailed Explanation
The CIA Triad is the foundation of information security. Confidentiality ensures only authorised individuals access sensitive data (encryption, access controls). Integrity ensures data hasn't been tampered with (hashing, checksums, audit trails). Availability ensures systems and data are accessible when needed (redundancy, backups, DDoS protection).
Security controls are designed to protect one or more of these principles. Different systems prioritise differently — a military system emphasises confidentiality, a financial system emphasises integrity, and an e-commerce site emphasises availability.
ISO 27001 and most security frameworks use the CIA Triad as their organising principle.
Relevant Frameworks
ISO 27001, NIST