Scribd
Upload
6 views

Written Assignment Unit 1

The CIA triad, consisting of confidentiality, integrity, and availability, is essential for cybersecurity defenses against cybercriminals. It helps organizations protect sensitive information, ensure data accuracy, and maintain system access through various security measures. A mobile payment application exemplifies effective CIA triad implementation by employing two-factor authentication, hashing algorithms, and redundancy to safeguard user data and ensure continuous service availability.

Uploaded by

robin.klhtet
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
6 views

Written Assignment Unit 1

The CIA triad, consisting of confidentiality, integrity, and availability, is essential for cybersecurity defenses against cybercriminals. It helps organizations protect sensitive information, ensure data accuracy, and maintain system access through various security measures. A mobile payment application exemplifies effective CIA triad implementation by employing two-factor authentication, hashing algorithms, and redundancy to safeguard user data and ensure continuous service availability.

Uploaded by

robin.klhtet
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Written Assignment Unit 1

Expanding and explaining the CIA triad and how they support the cybersecurity defenses

against cybercriminals

The CIA triad is a fundamental concept in cybersecurity, consisting of three key principles --

confidentiality, integrity, and availability. These principles work together to protect sensitive

information, ensure the accuracy of data, and maintain access to systems, forming the foundation

for cybersecurity defenses against cybercriminals.

Confidentiality focuses on preventing unauthorized access to sensitive data. Cybercriminals

often attempt to steal information through phishing attacks, data breaches, and unauthorized

system intrusions. To maintain confidentiality, organizations implement security measures such

as encryption, access controls, and multi-factor authentication (IBM, 2024). Encryption ensures

that even if data is intercepted, it remains unreadable without the correct decryption key. Access

control mechanisms, such as role-based permissions, restrict access to critical information to

only those who need it. Multi-factor authentication adds an extra layer of security by requiring

users to verify their identity through multiple factors, such as a password and a temporary code

sent to their phone. These measures help prevent cybercriminals from gaining access to

confidential information, such as financial records, medical data, or trade secrets (CISA, 2023).

Integrity ensures that data remains accurate, consistent, and unaltered unless modified by

authorized users. Cybercriminals often attempt to manipulate or corrupt data through techniques

such as malware infections, man-in-the-middle attacks, and SQL injection attacks. When data

integrity is compromised, misinformation can spread, financial transactions can be altered, or

critical system functions can fail. To prevent such issues, organizations use cryptographic hash
functions, digital signatures, and checksums to verify the authenticity of data (IBM, 2024). A

hash function generates a unique identifier for a set of data, allowing organizations to detect

unauthorized modifications. Digital signatures authenticate documents and messages, ensuring

they come from a trusted source and have not been altered. Checksums validate data integrity by

comparing expected and actual values, identifying any unauthorized changes. By implementing

these measures, organizations can maintain trust in their systems and prevent cybercriminals

from tampering with critical data (CISA, 2023).

Availability ensures that authorized users can access systems and data whenever needed.

Cybercriminals often attempt to disrupt access through denial-of-service (DoS) and distributed

denial-of-service (DDoS) attacks, which overwhelm systems with excessive traffic. Ransomware

attacks also threaten availability by encrypting data and demanding payment for its release. To

maintain availability, organizations use redundancy, load balancing, and backup solutions.

Redundant systems ensure that if one server fails, another can take its place. Load balancing

distributes network traffic efficiently, preventing overloads. Regular data backups protect against

ransomware attacks, allowing organizations to restore lost information without paying for

cybercriminals (IBM, 2024). These strategies help ensure continuous access to data and services,

even in the face of cyber threats.

The CIA triad plays a crucial role in cybersecurity defenses by addressing the most common

threats posed by cybercriminals. By maintaining confidentiality, integrity, and availability,

organizations can protect sensitive information, prevent unauthorized modifications, and ensure

access to critical resources. Security frameworks such as Zero Trust Architecture and Security

Information and Event Management systems align with these principles to create a

comprehensive defense strategy. In an era where cyber threats are constantly evolving, adherence
to the CIA triad remains essential for securing digital assets and safeguarding against

cyberattacks (CISA, 2023).

Conducting additional research, finding an example of when an organization (business)

successfully protected its assets against cyber-criminals by properly implementing

cybersecurity C.I.A. triad.

A notable example of an organization effectively implementing the CIA triad to protect its assets

is a mobile payment application that allows customers to check their bank balances and perform

transactions. To ensure confidentiality, the application employs two-factor authentication,

requiring users to verify their identity through multiple methods before accessing sensitive data

(U-Next, 2024). This approach prevents unauthorized access and maintains the privacy of user

information. To uphold data integrity, the application uses hashing algorithms to verify that

transaction data remains unaltered during transmission and storage (U-Next, 2024). This ensures

that the information displayed to users is accurate and trustworthy. For availability, the

application is designed with redundancy and load balancing, ensuring that services remain

operational even during high-demand periods or unexpected failures (U-Next, 2024). These

measures collectively uphold the principles of the CIA triad, safeguarding data against

unauthorized access, tampering, and ensuring continuous availability.

Conclusion

The CIA triad is the foundation of strong cyber defense because it helps keep sensitive

information safe, ensures data remains accurate, and keeps systems running smoothly. Without

good security, hackers can easily steal data, causing financial losses and damage to a company’s

reputation (U-Next, 2024). Protecting data integrity is just as important—if information is altered
or corrupted, it can lead to serious problems. Availability matters too since businesses need their

systems to be accessible at all times. With cyber threats constantly evolving, following the CIA

triad is key to staying secure and protecting valuable digital assets (U-Next, 2024).

References

Cybersecurity & Infrastructure Security Agency (CISA). (2023). Cybersecurity best practices.

Retrieved from

https://www.cisa.gov/cybersecurity

IBM. (2024). The CIA triad: Definition and importance in cybersecurity. Retrieved from

https://www.ibm.com/security

U-Next. (2024). What is the CIA triad? Significance, examples, and applications. Retrieved from

https://u-next.com/blogs/cyber-security/what-is-cia-triad-significance-examples-applications/

You might also like