Stepping Up Your Cybersecurity with Defence in Depth (DiD)
Any business or organization must prioritise cybersecurity. Threats to an organization’s operations, data, and reputation change along with technology. The Defence in Depth (DiD) strategy is one of the best strategies to protect against these dangers.
DiD is a cybersecurity strategy that layers various deterrents to safeguard the business. Since no security mechanism can be relied upon to withstand every attack, combining multiple levels of security is more efficient. The National Security Agency (NSA) was the first to come up with this layering strategy, which was modelled after a similar military concept. Layers of defence in the military help purchase time. In IT, this strategy is meant to completely avoid an issue.
Essential elements of DiD
Implementing all the components of a successful DiD approach can reduce the possibility that threats could fall through the cracks. These components consist of:
- Firewalls
A firewall is a security system comprised of hardware or software that can protect your network by filtering out unnecessary traffic and blocking unauthorized access to your data.
- Intrusion prevention and detection systems
Intrusion prevention and detection systems scan the network to look for anything out of place. If a threatening activity is detected, it will alert the stakeholders and block attacks.
- Endpoint detection and response (EDR)
Endpoint detection and response (EDR) solutions constantly monitor endpoints to find suspicious or malicious behaviour in real time.
- Network segmentation
Once you divide your business’s network into smaller units, you can monitor data traffic between segments and safeguard them from one another.
- The principle of least privilege (PoLP)
The principle of least privilege (PoLP) is a cybersecurity concept in which a user is only granted the minimum levels of access/permissions essential to perform their task.
- Strong passwords
Poor password hygiene, including default passwords like “1234” or “admin,” can put your business at risk. Equally risky is the habit of using the same passwords for multiple accounts. To protect your accounts from being hacked, it’s essential to have strong passwords and an added layer of protection by using practices such as multifactor authentication (MFA).
- Patch management
Security gaps left unattended due to poor patch management can make your business vulnerable to cyberattacks. When a new patch is delivered, deploy it immediately to prevent exploitation.
How IT service providers help defend against threats
An IT service provider will help you divide DiD into three security control areas:
- Administrative controls
The policies and procedures of a business fall under administrative controls. These controls ensure that appropriate guidance is available and security policies are followed.
Examples include hiring practices or employee onboarding protocols, data processing and management procedures, information security policies, vendor risk management and third-party risk
management frameworks, information risk management strategies, and more.
- Technical controls
Hardware or software intended to protect systems and resources fall under technical controls. They include firewalls, configuration management, disk/data encryption, identity authentication (IAM), vulnerability scanners, patch management, virtual private networks (VPNs), intrusion detection systems (IDS), security awareness training and more.
- Physical controls
Anything that physically limits or prevents IT system access falls under physical controls, such as fences, keycards/badges, CCTV systems, locker rooms and more.