Layers of Cybersecurity – 3 Key Areas to use Defense in Depth
It’s important to start with a plan. Before you design your network security policies, you need some goals and direction. Since we offer both offensive and defensive cybersecurity services, we know what works. Start with these three key areas to defend, and use layers of cybersecurity to establish a cybersecurity strategy that works.
Defense in Depth (DiD) is an information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization (from NIST).
As IBM asserts, we should assume that we will experience security problems, and "the best defense is a thoughtful and proactive offense." Using a layered approach will provide deeper security and increased peace of mind as well.
DiD is also known as a layered approach – multiple layers of security are in place so that if one aspect fails, another will continue to protect the network.
This is an important defensive cybersecurity strategy because there is always a backup plan.
Giving attention to three key areas will help in the creation of a solid cybersecurity defense strategy.
1. People
People are your greatest resource for securing a network. If users can be properly trained, given proper permissions, and engaged in supporting the company’s mission, they will be your best advocates and defenders. The policies below help reduce the attack surface for the network, and they protect individuals – if there is a problem in the system, users without access to that area cannot be blamed.
Using least privilege ensures that employees are on a need-to-know basis. People should have access to the resources and information necessary to do their jobs but nothing beyond what is necessary.
Separation of duties is a safeguard as well, to divide administrative duties across multiple people or groups of employees. No one person or group has full control over a system, so there are checks and balances and a lower chance of fraudulent activity.
Security concerns should be embedded into employee training and relations. If employees understand the company mission and their place in it, they will also be interested in security concerns and their role in preventing a breach. If you maintain good communication and relationships with your employees, you are building good rapport and simultaneously reducing the risk of an insider threat (insider threats can be both accidental and intentional).
2. Technology
The technological aspects of a defensive cybersecurity strategy are key to preventing unauthorized access and data breaches.
Consider the technical controls of your organization. These could include installing proper firewalls, using encryption for sensitive data, and/or engaging an IPS (Intrusion Prevention System). Are all of these set up and functioning properly? If one firewall fails, which device takes over its role?
Access controls are also valuable tools. Restricting access to your sensitive devices and data will reduce your cybersecurity risk.
Use complete mediation to ensure that every attempt to access a resource is authenticated. This includes cookie and session management for every login.