Availability impact is the harm that occurs when legitimate users cannot reach systems, applications, or data. In practice, this can mean a website is offline, a remote-access service fails, files are locked, backups are unavailable, or a business process slows to a stop. Unlike confidentiality or integrity damage, availability impact is measured by lost access and downtime.
It matters in cyber security because many attacks are designed to interrupt normal operations first. Ransomware, destructive malware, denial-of-service attacks, account lockouts, and infrastructure sabotage can all reduce availability. Defenders look for signs such as mass file changes, failed logins, unusual network saturation, and disrupted backup or virtualization services. Protecting availability usually means redundancy, tested backups, segmentation, monitoring, and incident response plans that let teams restore service quickly.