Case file

CIA triad as a security mindset with balance exercise

Foundations governance engagement: drilled Confidentiality, Integrity, and Availability as a balanced security mindset; completed the interactive exercise recovering THM{CIA_IS_ABOUT_BALANCE}.

Foundations12 minCIA Triad · Security Mindset · Governance
01

Engagement summary

Mapped each pillar to unauthorized access, modification, and downtime scenarios; closed with the balance exercise artifact.

THE CIA TRIAD reinforced the same three pillars as Principles of Security, with emphasis on mindset rather than glossary. Integrity prevents unauthorized modification and is the pillar hit when data becomes untrustworthy. Confidentiality prevents unauthorized access. Availability ensures users can reach data when needed. Collectively these pillars are the CIA Triad — not a compliance slogan but a Security mindset for adjudicating design trade-offs. Interactive exercise required balancing controls across pillars; completion artifact THM{CIA_IS_ABOUT_BALANCE}. Operator briefing to leadership: every ransomware, insider, and outage story maps to at least one pillar — remediation owners should be named per pillar, not only per CVE.

Business impact

Over-weighting Confidentiality (lock everything down) without Availability planning creates shadow IT. Over-weighting Availability without Integrity checks ships corrupted data. Balance is the deliverable.

02

Pillar drill and balance artifact

Recorded pillar mappings and the engagement exercise flag.

ANALYST · GOVERNANCE

savvy@lab:~$ # prevent unauthorized modification

Integrity

savvy@lab:~$ # prevent unauthorized access

Confidentiality

savvy@lab:~$ # usable when needed

Availability

savvy@lab:~$ cat engagement/cia_balance.txt

THM{CIA_IS_ABOUT_BALANCE}

Remediation

Add CIA impact fields to incident tickets and architecture reviews. Train non-security leads on the three questions: who can see it, who can change it, can we use it under stress?