What is Defense-in-Depth Cybersecurity & 7 ways it can help you?

the strategy of protecting with layers

Barrett Dilger

Layers of Security

You’re an expert in your industry, right? Being in your field and exposed to it daily you instantly see more about it than I do. That’s natural.

Industry trends, changes by big players, news stories…they all call out to you because you’re aware of them and knowledgeable. I might not even see or be aware of even a tenth of what you see. It completely makes sense.

We’re in the IT world and we see a lot that others don’t. You might be aware of some major security breaches or just the general concept that it happens. I don’t expect you to actually know about cybersecurity though. How big it is. How bad it is.

It’s not some kid in his mom’s basement messing around hacking. It is organized crime, and it is very mature, developed, and networked. Every business, big and small, is at risk. There are all sorts of statistics about the average costs of breaches being in the millions and that attacks exponentially increase by double digits every year.

These are the facts, and they are overwhelming to say the least. A bit scary if you really think about it.

But I’m not trying to scare you, I’m trying to inform you. This is educational so you know how to protect yourself.

You don’t really need to know the current crime rate of your city to know you should lock your door when you leave the house. In the same way, you probably inherently know there are cyber threats out there you should protect yourself against, but just don’t fully understand what “lock” to put on your door.

So here I will break down what is officially called Defense-in-Depth Cybersecurity. We here at Xentric just refer to it as Layered Cybersecurity because it isn’t such a convoluted name, and it is far more descriptive about what we are talking about.

As “Layered” indicates, your security should be in layers. What does that mean?

Back to the locked door analogy, you have a lock on your door. Plus, a deadbolt. Then you add an alarm system. You have a dog in your yard, with a fence around that. You have cameras viewing all the areas of your property.

That’s layers. Your security isn’t reliant on just one thing. The layers cover each other, and for somebody to break in they need to bypass multiple measures in place. Can they get by one? Definitely. Can they get by multiple? Maybe. Can they get by all? Possibly, but at the very least you’ve got an action plan with recordings of them to hand over to the police.

Cybersecurity works the same way. Gone are the days of just having antivirus to protect you. Threats are complex and elaborate. You need multiple tools covering all your bases.

Common components, or “layers”, of Defense-in-Depth cybersecurity consist of:

  • Access Control
  • Perimeter Security
  • Network Security
  • Endpoint Security
  • Data Security
  • Application Security

These are various aspects of controlling entry and access to your business and protecting it from the inside against threats, breaches, and disasters. The tools utilized to protect each aspect are also varied and layered.

These are the common cybersecurity tools you should have in place with a Defense-in-Depth approach:

I’m not going to go into the details of each of those items. If you want to know more, reach out and we can cover exactly what everything is (and more). More importantly though, you should know how this approach benefits your business.

Here are 7 advantages of implementing a Defense-in-Depth approach to cybersecurity:

Strengthened Protection

The end goal in all of this is to protect you and your data. Implementing combinations of security tools will make it harder for any criminal to breach your network. If one layer fails, then others still remain to protect your network. The use of multiple tools reduces the chances of a successful attack.

Removes Single Point of Failure

No security is ever bulletproof. Nothing is ever 100% perfect. That is especially true of technology, where you have ever-updating software and hardware from multiple companies all working together. There will be gaps.

However, it is possible to remove your Achilles heel. Achilles was the strongest soldier with only one weak point, which was his undoing. You don’t have to have a single weak point that can cause your entire security to collapse. With security layers you have a resilient defense. The better you diversify your security tools, the more robust your defense becomes.

Detection and Response

Not all security types are equal. The door lock is designed to keep people out, but your alarm isn’t designed to function that way. It is designed to alert you, a security team, or possibly the police, of a break-in. In the cybersecurity world that is what we refer to as Detection and Response.

This is quite frankly a very overlooked feature in business security planning. The goal is not to stop a breach, but to minimize the impact a breach has by mitigating it immediately. This is especially important in terms of cybersecurity (as opposed to the burglary analogy) because a breached network may not be identified as breached for months – all the while the criminal is collecting data and waiting for an opportunity to strike.

Advanced Threat Protection

Cybersecurity is a cat-and-mouse game. Preventative blocks are made against threats. Criminals create new threats or workarounds, so new blocks need to be made. It’s continuous and never-ending. It continually gets more complicated as well. That’s why threats today aren’t just simple viruses (even though those still exist).

Advanced threats require advanced threat protection. New “next-gen” technologies are available that are designed for this purpose. They include a slew of technologies aimed at behavioral analytics: scanning the behaviors and actions taken helps identify threats. These tools are powered by machine learning and artificial intelligence, and they are the main identifiers of zero-day exploits (threats in use from the first day they are released, before anybody knows that they even exist) and targeted attacks. They analyze patterns in real time to identify if something is wrong.

Compliance and Regulatory Requirements

Does your industry require specific compliance? Defense-in-Depth security can help you meet these requirements. We have retailers that need PCI compliance for their payment machines and health organizations that need to stay HIPAA compliant with patient data.

Being proactive about your security will meet all your benchmarks for compliance and show that you made the effort, which can help avoid legal or financial penalties if your compliance is ever in question. If you ever consider getting cybersecurity insurance, these are all the same topics any insurance company is going to ask about as well.

Flexibility and Scalability

With ever-changing technology adjusting to ever-changing threats, being flexible and scalable is a requirement. Existing tools, like the ones I’ve mentioned, should be able to adjust to the threats as time goes on. If new tools are required as you expand your infrastructure, you can add to your existing security tools without disrupting anything. Your security can grow in line with how your business does, remaining effective and keeping you safe.

Trained Front Line

Cybersecurity isn’t all about technology. Have you noticed the scams and phishing attempts out there? There’s a reason for that; employees are one of the top reasons why breaches occur. If you think about it, they are the ones in the trenches daily, doing the work and exposed to all the socially engineered email and SMS attacks.

You essentially have a choice on how to handle this fact. You can chalk it all up to your employees being your weakest link and micromanage them. You don’t have time for that, and they won’t be happy or productive if you do. So instead, you can treat them like they are your valued front line protecting your company. Empower them by training them. Educate them on what threats exist, and the types of common tactics that are used.

Training should NOT be boring. Don’t sit them in a room with a 900-slide PowerPoint presentation and bore them to death. Their training should be informative but also fun and engaging. Gamify it so they want to do it. They’ll end up learning, and retaining, more this way. Training should also be ongoing, or at least periodic in nature. It keeps the concept front of mind and everybody alert and ready.

Additionally, part of this is having a game plan for when threats arise. With a plan in place, employees aren’t confused about anything; they know what to do: what to report, who to report to, and how serious it is. Many times threats don’t get handled appropriately because employees don’t know who to tell, assume that somebody else handled it, or are embarrassed that they fell for a trick and don’t want to be humiliated or reprimanded for it.

Tying it all together

Tying all of these together, adopting a Defense-in-Depth strategy for your security creates a cohesive package. Your layers of cybersecurity keep threats out, handle anything that gets in, and involve your team in protecting the business and reporting any incidents.

It’s a lot to digest and I don’t expect it all to be absorbed and make sense in one article. What you should take away is that adopting a layered security approach is the proper way to handle cybersecurity today. What specific tools you need to have in place can vary. Some are a requirement while others might have great or nominal improvements based on your company’s infrastructure and how you function. Want to find out what is right for you? Get in touch for a free consultation.