In this Week 1 excerpt from IMO Tech’s RMF training, I break down the CIA Triad—Confidentiality, Integrity, and Availability—because this is the core of everything we do in cybersecurity. I explain why a security program is not “complete” unless it addresses all three objectives, and I walk through what each one really means in practical terms. For confidentiality, I talk about protecting information from unauthorized access or disclosure, and I tie it back to real compliance drivers like HIPAA, PCI DSS, ISO, and for my government folks, FISMA. Then I go hands-on. I demo encryption using hat.sh to show you plaintext going through an encryption algorithm and turning into ciphertext (gibberish) until you decrypt it with the password. For integrity, I show how hashing/message digest/“fingerprint” (same concept) helps you detect tampering—especially when you’re dealing with large files or software downloads. I use an MD5 tool demo to prove that a single change in a document produces a different hash. Finally, I cover availability and why downtime is real money (think Amazon on Black Friday), and I connect it to backups, alternate processing sites, AWS availability zones, and contingency planning (CP controls like CP-9).