The two concepts share a few themes. Firstly, you want to stay safe and avoid any major interruptions or threats. Not to mention, most people don’t really know much about how airplanes or the internet work!
That being said, you trust the systems, so you check your baggage. It goes through security (including extra screening if deemed necessary) before being loaded onto the plane and arriving safely on the other side. The processes behind the scenes ensure that everyone and everything on the airplane arrives safely at its destination, on time and ready to make their respective connections.
Emails destined for your inbox have a similar journey—before reaching their destination, they undergo a security screening to check for known cybersecurity threats. Following any further examination or quarantine, they will land in your inbox. This extra screening period is an example of one possible layer of security to consider when designing a cyber security plan. It covers just one possible point of entry or risk—many others need to be protected as well.
The importance of safety and implementing suitable procedures to mitigate cybercrime risks cannot be overstated. Global cybercrime damages are expected to exceed $6 trillion per year by 2021, with 90% of data breaches being rooted in human error. Phishing, a popular attack vector, jumped from 25% to 36% prevalence in the space of a year. Ransomware, too, has seen a significant increase during the pandemic, appearing in 10% of all verified breaches.
Despite technology making cyberattacks easier than ever, there are strategies you can put in place to mitigate risks and establish proactive measures that guard against these attacks. Two of the most comprehensive are Layered Security and Defense in Depth (DiD).
These two strategies address the reality that most modern cyberattacks deploy multiple simultaneous threats. Attackers might begin by sending phishing emails to get access to online accounts. Following a successful breach, they will work to deploy remote control software on your network and finally use that to exfiltrate data and hold it for ransom.
These attacks are often very targeted and sophisticated, using more than one weakness to maximize the impact of their efforts. While an up-to-date antivirus software solution is a must for protecting against singular threats, it often cannot offer robust protection against compound attacks.
How Layered Security and Defense in Depth Work
There are seven aspects to layered security, with each offering an additional layer of protection against cyber threats.
Information Security Policies
Organizations must adopt security policies that prevent unauthorized access. They must also have robust security policies that help avoid data breaches and raise security awareness within the company.
We recognize that creating and updating I.T. policies is not all that exciting, but answering the following questions can help you create a plan to protect your organization from cyber risks:
- What critical data does your business create, store, and depend on?
- Where is it located?
- How is it protected from loss, theft, damage?
- How is it backed up?
- Is it governed by any privacy legislation (HIA, PCI, etc.)?
- What is considered acceptable use of your computers?
- Can staff use personal devices to access company information?
- What management and monitoring tools are deployed on your network?
- How will you secure those devices if they are considered at risk?
Just like you’d work to secure a physical asset, you need to have physical protection for your mission-critical technology and infrastructure. Making sure that unauthorized users cannot get to the servers, switches, firewalls, storage drives, etc. is critically important—keep them in locked cabinets or rooms. This physical protection level should also extend to the devices your team uses—how do you make sure only authorized users are accessing those computers? Can you remotely lock or wipe a laptop if a device is lost, stolen, or in the possession of a rogue employee?
Your network is a collection of computers, servers, switches, firewalls, and other devices. And the security of this system is only as strong as the weakest link—you need to think of Cyber Security as a global, ever-changing priority. Keeping all of your systems patched, monitored, and secured is no part-time task since new threats are developed daily.
Inadequate patch management and misconfiguration open the door for cybercriminals. Vulnerability scans help mitigate this risk by scanning for missing patches or improper configurations. If you know that a software package is out of date, so do the hackers—they will exploit any known weaknesses to take control of those applications and interrupt your workflow.
Strong Identity and Access Management (IAM)
Restricting employee access to critical data and applications makes unauthorized access much more difficult. Redundancies and deliberate access protocols are necessary, since advancements in cybercriminal programs have made passwords and networks easier to get into than ever. You’ve probably started using two-factor authentication protocols intermittently; these will become standard practice and much more widely used in the future.
Proactive Protection & Reactive Backup + Recovery
Proactive protection detects and addresses security risks before they escalate into a breach. By monitoring for unusual behaviour and locking down a system when a breach is detected, you can help to minimize the potential exposure. Should your data be compromised, data restoration from backup will help restore operations much more quickly than having to recreate any information from scratch.
Continual Monitoring and Testing
Finally, failing to monitor and test your backup and disaster recovery strategy regularly is a significant oversight. You must ensure your systems are capable of recovery following any collapse. Almost all modern attacks have a component designed to target common backup systems; they want to damage the backups so you can’t recover and would therefore be more likely to pay a ransom. Having more than one copy, on more than one medium, in more than one place is essential to ensure data continuity.
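To make the "more than one copy, on more than one medium, in more than one place" rule checkable, here is an added example (not part of the original article) that audits a backup inventory against it and flags copies that have not been test-restored recently. The inventory format, the dataset names and the 90-day test window are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

MAX_TEST_AGE_DAYS = 90  # assumed policy threshold, not a figure from the article

@dataclass(frozen=True)
class BackupCopy:
    dataset: str
    medium: str                         # e.g. "disk", "tape", "cloud-object"
    site: str                           # where the copy physically or logically lives
    last_restore_test: Optional[date]   # None means never test-restored

def audit(copies, today, max_age=MAX_TEST_AGE_DAYS):
    """Return {dataset: [findings]} for every dataset that breaks the rule."""
    grouped = {}
    for c in copies:
        grouped.setdefault(c.dataset, []).append(c)
    report = {}
    for name, group in sorted(grouped.items()):
        findings = []
        if len(group) < 2:
            findings.append("only one copy")
        if len({c.medium for c in group}) < 2:
            findings.append("single medium")
        if len({c.site for c in group}) < 2:
            findings.append("single site")
        # A copy counts as untested if it was never restored or the test is too old.
        stale = [c for c in group if c.last_restore_test is None
                 or (today - c.last_restore_test).days > max_age]
        if stale:
            findings.append(f"{len(stale)} of {len(group)} copies lack a recent restore test")
        if findings:
            report[name] = findings
    return report

# Constructed sample inventory: dataset names, media and sites are hypothetical.
SAMPLE = [
    BackupCopy("finance-db", "disk", "hq", date(2024, 5, 20)),
    BackupCopy("finance-db", "cloud-object", "region-a", date(2024, 4, 2)),
    BackupCopy("file-share", "disk", "hq", date(2024, 5, 1)),
    BackupCopy("file-share", "disk", "hq", None),
    BackupCopy("mail-archive", "tape", "offsite-vault", date(2023, 11, 15)),
]

if __name__ == "__main__":
    for dataset, findings in audit(SAMPLE, date(2024, 6, 1)).items():
        print(f"{dataset}: {'; '.join(findings)}")
```

In the sample, the file share has two copies but both sit on the same medium at the same site, so a single incident could destroy both; the count of copies alone would not have revealed that.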
As you can see, airport travel and cybersecurity follow the same principles—layered security that involves checks at multiple points to ensure the right materials are transported. Just as your identity on a flight could be fabricated for malicious purposes, so too could email content in carrying out harmful activities. No one security point is expected to capture the threat—only the collaborative effort makes for effective prevention and deterrence.
Tier 3 I.T. Services offer comprehensive packages that review, adapt, and implement new strategies for your existing cybersecurity system. Whether setting out on a new enterprise or scaling your existing infrastructure, trust our team to monitor and protect your vital data systems. Contact us to get started.