cyber security training

CIA Triad: The Concept of Confidentiality

The first principle of the CIA Triad is confidentiality. Confidentiality is the concept of protecting data, resources, or objects through a means of secrecy. This security measure means that anyone who is not authorized to access or interact with resources cannot do so.

Protection Examples:

You can protect your resources by using encryption, access controls, and/or other techniques such as steganography.


Confidentiality is important because resources from unauthorized access. If a threat is able to bypass the confidentiality security mechanism, unauthorized disclosure can take place.

Attack Vectors:

Capturing network traffic, social engineering, port scanning, password cracking, shoulder-surfing, eavesdropping, escalation of privileges.

Final Thoughts:

One of the most common reasons threats are able to exploit the confidentiality security measure is due to human error. Such as failing to encrypt communication, lack of access control policies, or simply by walking away from a computer while logged in.

Similar Posts