The 3 Pillars — CIA
The Foundation of Everything
Every security decision — from choosing a password to designing a national defense system — can be evaluated against three fundamental principles. Together they form the CIA Triad: Confidentiality, Integrity, and Availability. These are not suggestions. They are the lens through which every cybersecurity professional evaluates risk, designs defenses, and investigates attacks.
🔒 Confidentiality
Definition: Information is only accessible to those who are authorized to access it.
Confidentiality is about who can see what. Your medical records should only be visible to your doctors and yourself. Your salary information should not be visible to your colleagues. Confidentiality is broken when data is accessed by someone who is not supposed to have it.
How it gets broken:
- Data theft (hacker steals a database of customer records)
- Eavesdropping on unencrypted communications
- Insider threat (an employee selling confidential data)
- Misconfigured cloud storage (a public Amazon S3 bucket exposing private files)
How it gets protected:
- Encryption (data is unreadable without the key)
- Access controls (only authorized users can access sensitive resources)
- Multi-Factor Authentication (MFA)
✅ Integrity
Definition: Information is accurate, complete, and has not been modified without authorization.
Integrity is about whether data can be trusted. When you receive a bank transfer for $1,000, you need to be certain that nobody changed it from $10,000 to $1,000 in transit. When a doctor reviews a patient's medication record, they need to trust that it hasn't been altered.
A simple way to verify integrity is a cryptographic hash: a mathematical fingerprint of a file. Any modification to the file, even changing a single character, produces a completely different hash. This is how software downloads are verified: if the hash of the downloaded file matches the hash published for it, the file is intact.
How it gets broken:
- Man-in-the-Middle attacks (intercepting and modifying data in transit)
- Database manipulation by a compromised insider
- Malware that silently alters files
- Ransomware encrypting files (they become unusable — integrity destroyed)
⚡ Availability
Definition: Systems and data are accessible to authorized users when they need them.
Availability is the pillar most visible to the public. When a hospital's IT systems go down during a ransomware attack, doctors cannot access patient records. Availability failures have the most immediately visible and potentially life-threatening consequences.
How it gets broken:
- DDoS attacks (flooding a server with traffic until it crashes)
- Ransomware (encrypting all files, making systems unusable)
- Hardware failure without redundancy
- Natural disasters affecting data centers without backup sites
The Triad in Every Attack
Every cyberattack, without exception, targets at least one pillar of the CIA Triad. When you read about a new attack, ask yourself: which pillar did it break? This single question will give you a framework to understand and evaluate any security incident you encounter throughout your career.