What are the three key principles of information security?

The three key principles of information security are confidentiality, integrity, and availability, often referred to as the CIA triad.

Confidentiality ensures that sensitive information is accessed only by authorized individuals, protecting it from unauthorized disclosure. This principle is essential for maintaining trust and compliance with regulations.

Integrity involves maintaining the accuracy and completeness of data. It ensures that information is not improperly altered or deleted and that it reflects the true state of the information it represents. This principle is vital for decision-making and operational processes.

Availability guarantees that authorized users have access to information and resources when needed. This principle addresses the importance of keeping systems and data operational and accessible, thereby supporting business continuity and minimizing downtime.

In contrast, other options introduce concepts that do not align with the foundational elements of information security. For example, while privacy is related to confidentiality, it is not one of the core principles itself. Management and technology pertain more to the governance and tools of security rather than its fundamental principles. Likewise, accessibility and reliability, although important in certain contexts, do not encapsulate the essential pillars of information security as defined within the CIA triad.