Introduction
The CIA Triad — Confidentiality, Integrity, and Availability — is the foundational model used to evaluate and design information security. Nearly every security control, policy, or incident can be understood in terms of which of these three properties it protects or violates. Despite the name overlap, it has no relation to any intelligence agency; it is a purely conceptual framework.
Cricket analogy: Just as every cricket dismissal is scored as bowled, caught, or run-out, every security event can be classified as a breach of confidentiality, integrity, or availability, giving analysts a shared vocabulary the way scorecards give commentators one.
Explanation
Confidentiality means that information is accessible only to those authorized to see it. It is enforced through mechanisms like access controls, authentication, and encryption. Integrity means that data is accurate, complete, and has not been altered by unauthorized parties; it is protected through mechanisms like checksums, digital signatures, and version control. Availability means that systems and data are accessible to authorized users when needed; it is protected through redundancy, backups, and capacity planning to resist disruption. These three properties often exist in tension — for example, strong confidentiality controls (multiple authentication steps) can reduce availability (slower access), so security design involves balancing all three based on the value and sensitivity of the asset being protected.
Cricket analogy: Confidentiality is like a dressing room where only registered players and support staff can enter; integrity is the umpire's decision review system ensuring the scoreboard reflects what actually happened; availability is the stadium gates opening on time so ticket holders aren't locked out, and adding extra security checkpoints (like multi-factor entry) can slow the queue just as MFA slows login.
Example
Confidentiality violation:
An attacker breaches a hospital database and downloads
patient records without authorization.
Integrity violation:
An attacker gains access to a grading system and
changes their exam scores without detection.
Availability violation:
An attacker floods a company's website with traffic
(a denial-of-service attack), making it unreachable
for legitimate customers.Analysis
Each example maps to exactly one leg of the triad, but real incidents often touch more than one. A ransomware attack, for instance, typically violates availability (files are locked and inaccessible) and may also violate confidentiality (attackers exfiltrate data before encrypting it) and integrity (files may be corrupted). Security professionals use the CIA Triad as a diagnostic tool: when assessing risk or designing a control, they ask which of the three properties is at stake and prioritize controls accordingly. A financial ledger, for example, prioritizes integrity above all; a public news website prioritizes availability; a medical record prioritizes confidentiality.
Cricket analogy: A pitch invasion that damages the wicket and steals equipment from the dressing room hits availability (match delayed) and confidentiality (team strategy notes stolen) at once, just as ransomware often locks files and exfiltrates them simultaneously, so a financial ledger-like scorecard must prioritize integrity above all.
Key Takeaways
- Confidentiality: only authorized parties can access information.
- Integrity: data remains accurate and unaltered by unauthorized parties.
- Availability: systems and data are accessible to authorized users when needed.
- A single incident can violate more than one leg of the triad simultaneously.
Practice what you learned
1. A hacker steals unencrypted customer records from a database. Which part of the CIA Triad is violated?
2. An attacker secretly alters financial transaction records without detection. Which property is violated?
3. A denial-of-service attack floods a server so legitimate users cannot reach it. Which property is violated?
4. Why might increasing confidentiality controls reduce availability?
Was this page helpful?
You May Also Like
What Is Cybersecurity?
An introduction to cybersecurity as the practice of protecting systems, networks, and data from digital attacks.
Security Terminology Basics
Precise definitions of vulnerability, threat, risk, exploit, and attack surface, and how these core terms relate.
Access Control Models
Compare DAC, MAC, and RBAC access control models and understand who decides permissions in each approach.
Denial-of-Service Attacks
DoS vs DDoS explained, including botnets, and how rate limiting, scrubbing, and CDNs absorb attack traffic.