Defense in Depth For Companies

Introduction

Defense in Depth is a comprehensive approach to cybersecurity that recommends companies use a combination of security tools to protect critical data and block threats. This strategy helps small and medium enterprises build redundancy so that all attack surfaces are protected, including devices, data and employees.

Adopting defense-in-depth security measures gives companies more than one line of defense when a cybercriminal tries to gain access to sensitive data. These comprehensive solutions, which sometimes overlap, include physical, administrative and technical controls.

  • Physical controls are security measures that physically protect computer systems, such as a locked door.
  • Administrative controls are security policies and procedures proposed by an organization, such as safety training for employees.
  • Technical controls use hardware and software, such as antivirus and encryption, to protect computer systems.

How Defense in Depth Works

The term originally described a military strategy that aimed to slow down or delay an attacker's advance instead of responding with immediate reprisals from a single line of defense.

As companies and technology have evolved, it has become clear that the same theory should apply to data protection. Originally, company data was physically protected, usually by focusing on the security of company buildings or archives. Today, however, sensitive data no longer has a physical perimeter. Data breaches make headlines every day, and cybercriminals find new tactics to penetrate networks. Multiple layers help protect against the many paths of entry.

Defense in depth works for companies by implementing the three controls mentioned above (physical, administrative and technical), making it extremely difficult to gain unauthorized access to data and, if an attacker does succeed, ensuring additional protection at that point so that there is no gap in the network. Like the military strategy it is named after, it recognizes the possibility of an attack and is prepared to slow down or stop the attacker's progress.

For example, if an attacker sends a phishing email and an employee clicks on the link, the technical controls are in place to protect against any malware behind it. Cybersecurity products, such as secure web gateways, verify that links do not contain harmful content or hidden malware.

Having the three controls work together is what makes this defense strategy a powerful approach for SMEs, which are among the most affected target groups.
Let's go deeper into each control.

The picture below shows the structure of the Defense in Depth concept following the Onion Model.

Physical Controls

These controls are put in place to protect computer technology from being physically compromised. Placing computing devices and systems inside a closed, secure building ensures that unauthorized personnel do not access devices that contain confidential business data.

Security cards with specific access, security cameras and monitored alarm systems are effective ways to implement physical controls and secure the first and most basic part of a defense-in-depth strategy.

Administrative Controls

Employees are a known security risk. They are not familiar with all vulnerabilities or cyberattack tactics and therefore need guidance to keep company data safe.

Training employees to protect sensitive information, keeping software up to date, and keeping applications and data accessible only to the necessary personnel are good first steps in executing administrative controls.

Technical Controls

Technical controls protect hardware, software and network systems. In today's digitally driven world, this is possibly the most important control.

Keeping companies' networks secure is essential: a security breach could lead to reputational damage, monetary loss and customer mistrust.

Last Word

Remote workers, cloud services, and web applications make access to networks easier for cybercriminals from anywhere in the world. Attack surfaces grow rapidly as new devices and applications are introduced to make operations more efficient. Data is collected and stored in third-party applications or in the cloud. The pathways for cyberattacks are now basically endless. A single security layer is no longer enough.

Most companies have strong physical controls in place, but lack the necessary technical and administrative controls for a complete defense. The technical controls and security layers that SMEs should focus on are listed below. They are considered basic because they protect against most threats that could cause immediate downtime.

  • Antivirus
  • Secure Web Gateway
  • Firewall
  • Patch Management
  • Backup & Recovery

As your business grows and adopts additional services in the cloud, these extra layers of security become increasingly important.

  • Two-factor authentication (2FA)
  • Secure internet gateways
  • Intrusion detection systems (IDS) and intrusion prevention systems (IPS)
  • Encryption
  • Data loss prevention (DLP)
  • Virtual private network (VPN)