The Digital Shield - Cybersecurity Principles
The Core Goal: The CIA Triad (Confidentiality, Integrity, Availability)
The CIA Triad is the foundational model for all of information security. It's a set of three core principles that guide security policies and practices. Every security measure and every cyberattack can be viewed through the lens of which part of this triad it is designed to protect or violate.
Confidentiality: Keeping Secrets
Confidentiality is about ensuring that data is accessible only to authorized individuals. It's the principle of privacy and secrecy. A failure in confidentiality means sensitive information has been exposed to the wrong people.
- Analogy: A sealed envelope. Only the intended recipient should be able to open it and read the letter inside.
- How it's achieved: Access controls (usernames and passwords), permissions, and encryption, which scrambles data so it's unreadable without the proper key.
Integrity: Ensuring Trustworthiness
Integrity is about maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. It ensures that data has not been modified, tampered with, or corrupted in an unauthorized manner.
- Analogy: A legal document with a tamper-evident seal. If the seal is broken, you can no longer trust that the contents are the original, unaltered version.
- How it's achieved: Hashing (computing a fixed-length digital fingerprint of a file that changes if the file's contents change), digital signatures, and version control systems.
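The integrity mechanisms listed above, as an added example that is not part of the original lesson: a SHA-256 fingerprint catches a changed record, but only while the stored fingerprint itself cannot be rewritten, which is the gap a keyed check closes. HMAC from the Python standard library stands in here for the digital signature the lesson mentions; the sample record, key and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data for this example.
ORIGINAL = b"Pay 100.00 to account 1234\n"
ALTERED = b"Pay 900.00 to account 1234\n"
KEY = b"constructed-demo-key"  # placeholder; a real key is random and kept secret


def fingerprint(data: bytes) -> str:
    """Unkeyed SHA-256 digest: the 'digital fingerprint' of the data."""
    return hashlib.sha256(data).hexdigest()


def verify_fingerprint(data: bytes, expected_hex: str) -> bool:
    return hmac.compare_digest(fingerprint(data), expected_hex)


def tag(data: bytes, key: bytes) -> str:
    """Keyed digest (HMAC-SHA256): only a key holder can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(data: bytes, key: bytes, expected_hex: str) -> bool:
    return hmac.compare_digest(tag(data, key), expected_hex)


def demo() -> dict:
    stored_fp = fingerprint(ORIGINAL)
    stored_tag = tag(ORIGINAL, KEY)
    # Fingerprint recomputed over the altered record, as happens when the
    # record and its stored fingerprint sit in the same writable location.
    swapped_fp = fingerprint(ALTERED)
    # Tag computed without knowledge of KEY.
    forged_tag = tag(ALTERED, b"not-the-key")
    return {
        "intact_ok": verify_fingerprint(ORIGINAL, stored_fp),
        "altered_detected": not verify_fingerprint(ALTERED, stored_fp),
        "swapped_fp_passes": verify_fingerprint(ALTERED, swapped_fp),
        "genuine_tag_ok": verify_tag(ORIGINAL, KEY, stored_tag),
        "forged_tag_rejected": not verify_tag(ALTERED, KEY, forged_tag),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The "swapped_fp_passes" result is the reason a bare fingerprint should be stored or published separately from the data it protects, or replaced by a keyed tag or signature.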
Availability: Access When You Need It
Availability ensures that information and systems are operational and accessible to authorized users whenever they are needed. An attack that prevents legitimate users from accessing their data is an attack on availability.
- Analogy: A bank being open during its stated business hours. If a protest blocks the entrance, the bank's services are unavailable to its customers.
- How it's achieved: System redundancy (having backup systems), hardware maintenance, and protection against attacks like Denial of Service (DoS).