For the fiftieth article I am going take a “bitsa” look at your cyber security – bitsa this, bitsa that!
Cyber Security Defence in Depth – What is it?
Defence in depth is a way of protecting information systems by using multiple layers of security controls. This means having different types of security measures in place to keep information safe. It’s like having several locks on a door to make sure it’s secure. The idea is that if one security measure fails, there are others in place to prevent a breach.
Defence in depth includes:
- training people to know how to use the system properly
- having good procedures in place
- using technology to protect the system and
- ensuring the physical environment is secure
All of this helps keep data safe from bad actors who attempt to steal or damage it.
Everyone’s first steps into Cyber Security
Anti-virus.
Probably the oldest cyber security tool we are all familiar with. I can remember getting my first computer virus on an infected floppy disc and having to fix it with Norton Anti-virus.
Get a good one – remembering that most free packages are probably limited in their capability when compared to the industry standard.
Firewalls
Your firewall creates a secure perimeter.
The first perimeter is on your PC, with the OS/software firewall. In a small office, the next is a firewall on your router/modem, securing your internal network[A1] . In a larger organisation they would have a dedicated hardware firewall, with content filtering, anti-virus capability, sophisticated rules etc. The conscientious SoHo office would replace their BT router modem with a more capable device – not expensive – but offering some of the functions of a dedicated firewall such as content filtering.
Remote Monitoring and Management (RMM) with Advanced Threat Protection (ATP)
RMM is the most cost-effective way for any organisation to monitor the devices on its network and further afield including remote and hybrid worker. Among their functionality, the best will alert your IT team if security patches are missed and prevent and/or alert you if USB portable storage devices are plugged in.
Advanced threat protection extends the functionality of your anti-virus to cloud storage and ransomware attacks.
The Cyber Security SOC – Security Operations Centre
Normally a toy for the big boys and girls but now becoming available to even the smallest organisations as SOC-as-a-Service.
A SOC will reach out to your systems, gather logs and other operational information, examine this huge amount of data and alert a skilled team of analysts if there are indications of compromise or attacks in progress. From there the people can decide what action to take or in extreme cases the SOC system can take automated actions to mitigate the issue before alerting the team.
This is the best way to keep ahead of the cyber security game.
I am adding SOC-as-a-Service to my cyber security toolkit for our clients – it launches on June 1st 2023.
People
Phishing emails and social engineering are still the main attack surface for many threat actors (UK Government. 2022). This is their way into your systems and a threat that your technical defences have to deal with as a priority. But what happens when the threat actors devise a way around your vendor’s current threat filtering? Answer – the email ends up in front of one of your people. Now it is up to them to recognise this is not an email from your best customer with promises of a new order or from the CEO asking for a money transfer to be carried, but a cyber security issue.
Here is where your cyber security awareness training comes in.
Your Cyber Security Culture
Training is essential. Add to this a cyber security culture that is supportive, does not blame and encourages communication and that makes all the layers above – and those I have missed out because this article cannot be too long – work much more effectively.
Next…
There always has to be an “after”…
Clive Catton MSc (Cyber Security) – by-line and other articles
References
UK Government. (2022). Cyber Security Breaches Survey 2022. Retrieved July 9, 2022, from https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022/cyber-security-breaches-survey-2022
Defense in depth (computing) – Wikipedia
Further Reading
Why Should I Bother with Cyber Security Training for My Team?
When technical cyber security fails you…
Featured image Nataliya Vaitkevich
In text image Roman Odintsov