It’s important to start with a plan. Before you design your network security policies, you need some goals and direction. Since we offer both offensive and defensive cybersecurity services, we know what works. Start with these three key areas to defend, and use layers of cybersecurity to establish a cybersecurity strategy that works.
Defense in Depth (DiD) is an information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization (from NIST).
As IBM asserts, we should assume that we will experience security problems, and "the best defense is a thoughtful and proactive offense." Using a layered approach will provide deeper security and increased peace of mind as well.
DiD is also known as a layered approach – multiple layers of security are in place so that if one aspect fails, another will continue to protect the network.
This is an important defensive cybersecurity strategy because no single control becomes a single point of failure: when one layer fails, another is already in place to cover it.
Giving attention to three key areas will help in the creation of a solid cybersecurity defense strategy.
People are your greatest resource for securing a network. If users are properly trained, given appropriate permissions, and engaged in supporting the company’s mission, they will be your best advocates and defenders. The policies below reduce the attack surface of the network, and they also protect individuals – if something goes wrong in one part of the system, users who never had access to that part are clearly not responsible.
Using least privilege ensures that employees are on a need-to-know basis. People should have access to the resources and information necessary to do their jobs but nothing beyond what is necessary.
Separation of duties is a safeguard as well, to divide administrative duties across multiple people or groups of employees. No one person or group has full control over a system, so there are checks and balances and a lower chance of fraudulent activity.
Security concerns should be embedded into employee training and relations. If employees understand the company mission and their place in it, they will also be interested in security concerns and their role in preventing a breach. If you maintain good communication and relationships with your employees, you are building good rapport and simultaneously reducing the risk of an insider threat (insider threats can be both accidental and intentional).
The technological aspects of a defensive cybersecurity strategy are key to preventing unauthorized access and data breaches.
Consider the technical controls of your organization. These could include installing properly configured firewalls, using encryption for sensitive data, and/or deploying an IPS (Intrusion Prevention System). Are all of these set up and functioning properly? If one firewall fails, which device takes over its role?
Access controls are also valuable tools. Restricting access to your sensitive devices and data will reduce your cybersecurity risk.
Use complete mediation to ensure that every attempt to access a resource is checked for authentication and authorization, not just the first attempt in a session. This includes validating cookies and session state on every request after login, not only at the moment of login.
Operations is the place where people intersect with technology. The standard operating procedures of every organization should contribute to cyber resiliency, or the ability to recover from incidents and minimize damage to key business operations.
Redundancy should be a high priority. Whether you create multiple backup copies or run multiple servers or applications, make sure you have a plan if one element fails.
It is also important to institute physical controls that prevent unauthorized access to your network. These could include locks, gates, access codes, or security cameras.
Take some steps in all three of these areas – people, technology, and operations – and you will be well on your way to a more secure system.
We at StandardUser Cybersecurity are on a mission to share cybersecurity and cyber safety education with everyone, to make our world a better place. Are you with us? How can we help? Let us know today.
Whatever your cybersecurity challenge, we can help you keep your business running. We are a defensive and offensive cybersecurity company, using over 30 years of experience with active commercial and government work and proven security methodologies. We also educate teams and professionals who want to build on their skills.
We set the standard for cybersecurity excellence.