Cyber defense in depth: high walls alone won’t defend the castle

By Mike Stone

For business and government, cyber security is the new arms race. We defend, and the enemy counters. We respond, and so do they. The cycle escalates in perpetuity.

A strong cyber defense is an integral part of good IT operations. Operate and defend are effectively two sides of the same coin, and a denial of service (DDoS) attack is still an attack whether it comes from an external source or results from an error in your own IT department. You need to be able to respond to both effectively and have a clear understanding of the routes, or attack vectors, through which the breach occurred. Whether it’s a malicious attack or an error, you’ll need the same business continuity and disaster recovery plans and capabilities in place.

To truly understand the potential attack vectors, you first need to have total visibility of all the assets on your network and their current status. As part of the process, you will need to evaluate the network paths across all systems and telecom carriers. While asset classification and identification are among the less glamorous aspects of information security, they are as essential to it as they are to good IT operations.

The disturbing fact is that very few organisations have such a detailed understanding of their networks. Bad guys get in because they get to know your network a lot better than you do. They discover vulnerabilities and cut through at those points like a hot knife through butter.

To my mind, the safest approach is to assume that you have been compromised and work on what needs to be done to address this. I call this approach Cyber Defense in Depth.

Defending in depth

Cyber Defense in Depth is a proactive posture that uses multiple methods at different layers to protect IT systems against attacks. People tend to think of cyber protection primarily in terms of perimeter protection, such as a firewall, but forget about the other layers, which are equally if not more important. A medieval castle is a helpful metaphor: you can build higher walls, but the risk is that you become complacent and forget that attackers can still tunnel under or poison food and water stores to spread virus and disease.

There is another problem with living in a castle with high walls and closed doors: you have not only made access difficult for your enemies, but for your friends as well…