Ravi Das kicked off this series by explaining the basics of taking a layered approach to Cybersecurity. In this article, he explains why a layered security approach is important from the standpoints of both a business/enterprise and its customers.
Why Layered Security Is Important
As alluded to earlier, deploying a Layered Security approach is very important for two reasons:
- It can protect the customer base of the organization.
- It can protect the business entity itself.
The details of the strategies that need to be implemented in both instances are outlined below:
From the Customer Standpoint:
- Protecting confidential information: This includes the username and password, as well as any financial information transmitted from the customer to the server. The appropriate control here is Transport Layer Security (TLS), the successor to the now-deprecated Secure Sockets Layer (“SSL”) protocol, together with a server certificate issued by a trusted certificate authority, so that the customer’s browser can verify it is talking to the genuine site before it sends anything sensitive.
- Detecting fraud: With multiple layers of security in place, fraudulent activity against an unsuspecting customer can be tracked down much more easily and quickly. Artificial Intelligence (AI) tools that baseline a customer’s normal behavior (device, location, transaction pattern) and flag deviations from it are of great strategic advantage here.
- Message integrity: Whenever a customer signs legal documents electronically, the receiving party (the business entity selling the products and services to that customer) must be able to confirm that the documents arrived intact and unaltered. This is known technically as “Message Integrity.” Note that it is not provided by encryption alone: encryption hides the content but, on its own, does not reveal that a message was modified in transit. Integrity comes from cryptographic hashes, message authentication codes and digital signatures, which must be layered on top of the encrypted channel, especially to safeguard the electronic signature so that it cannot be forged or transplanted onto a different document.
- Electronic communications: Although the telephone option for reaching an organization’s customer support remains, Email and chat agents are becoming much more popular with customers. The messages transmitted over both media must be protected with multiple layers of security, using Encryption for confidentiality and Hashing (in the form of a message authentication code or signature) for integrity.
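The message-integrity point above is easy to state and easy to get wrong, so here is an added example (not code from the original article) that shows it concretely: a contract encrypted with a stream cipher can have its amount silently rewritten by an attacker who never learns the key, while the same edit is rejected once an HMAC-SHA256 tag is layered on top (encrypt-then-MAC). The keystream cipher, the contract text and the key values are all constructed for the demonstration; the toy cipher is only there to exhibit malleability and is not a production cipher.

```python
"""Message integrity: encryption alone does not detect tampering; a MAC does.

Added example, not from the original article. The keystream cipher below
(SHA-256 in counter mode) is a toy used only to show malleability; the
HMAC-SHA256 part is the standard encrypt-then-MAC construction.
"""
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256(key || nonce || counter) blocks, concatenated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR is its own inverse) with the toy stream cipher."""
    ks = keystream(key, nonce, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256(nonce || ciphertext)."""
    nonce = secrets.token_bytes(16)
    ct = xor_encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag (constant-time compare) before decrypting; raise on tampering."""
    if len(blob) < 16 + 32:
        raise ValueError("message too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: message was modified")
    return xor_encrypt(enc_key, nonce, ct)


def flip_amount(data: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker edit: XOR the ciphertext so the plaintext at `offset` changes
    from `old` to `new` without knowing the key (stream-cipher malleability)."""
    buf = bytearray(data)
    for i, (o, n) in enumerate(zip(old, new)):
        buf[offset + i] ^= o ^ n
    return bytes(buf)


def demo() -> dict:
    """Constructed contract text; returns what each defence observed."""
    enc_key = secrets.token_bytes(32)  # constructed keys for the demo
    mac_key = secrets.token_bytes(32)
    contract = b"Payee: ACME Ltd; Amount: 00100.00 USD; Signed: customer"
    offset = contract.index(b"00100.00")

    # 1) Encryption only: the attacker rewrites the amount inside the ciphertext.
    nonce = secrets.token_bytes(16)
    ct = xor_encrypt(enc_key, nonce, contract)
    tampered_ct = flip_amount(ct, offset, b"00100.00", b"99100.00")
    decrypted = xor_encrypt(enc_key, nonce, tampered_ct)  # decrypts "fine"

    # 2) Encrypt-then-MAC: the same ciphertext edit is rejected by the receiver.
    sealed = seal(enc_key, mac_key, contract)
    tampered_blob = flip_amount(sealed, 16 + offset, b"00100.00", b"99100.00")
    try:
        open_sealed(enc_key, mac_key, tampered_blob)
        mac_caught = False
    except ValueError:
        mac_caught = True

    return {
        "encrypt_only_plaintext": decrypted,
        "encrypt_only_tamper_noticed": decrypted == contract,
        "mac_caught_tamper": mac_caught,
        "mac_roundtrip": open_sealed(enc_key, mac_key, sealed) == contract,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The receiver in `open_sealed` checks the tag before it decrypts anything, which is the order that matters: a receiver that decrypts first and validates the plaintext afterwards hands the attacker a decryption oracle. Real deployments get the same guarantee from an authenticated cipher mode such as AES-GCM or ChaCha20-Poly1305, or from TLS itself for data in transit; a digital signature rather than an HMAC is what binds a document to the specific customer who signed it.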
From the Business/Enterprise Standpoint:
From the perspective of the business, there are two very broad types of Cyberthreats it can be exposed to, which makes the case for a Layered Security approach even stronger:
- Passive Attacks: A Cyberattacker taps into and covertly listens to the lines of communication between a business or corporation and its customers (as well as potential customers) and suppliers/distributors. This can be done on the network (sniffing traffic) or on a compromised system (reading data before it is encrypted or after it is decrypted). Because nothing is altered, this kind of attack is deemed one of the most difficult to detect.
- Active Attacks: A Cyberattacker tries to break through the organization’s walls of defense in order to gain access to, alter or disrupt the IT Assets that reside within the IT and Network Infrastructure.
It is important to note that, although both threat variants are actively used, it is the latter which gets the most publicity and notoriety. Examples include the Marriott Hotel Group breach, the Target security breach (in which millions of credit card numbers were stolen), the British Airways website hack and the Equifax security breach.
The rest of this article will examine the types of controls that are needed to be implemented for a Layered Security approach for the business enterprise, and what the specific components are for a Layered Security Model. A future series will examine how this approach can be used for protecting the customer in much more depth.
What A Layered Security Approach Should Address
The Layered Security Model for a business or a corporation should contain the following types of controls:
- Administrative Controls: These are the policies and procedures that have been formulated to mitigate the risk of a Cyberattacker exploiting known and unknown vulnerabilities, gaps and weaknesses. They typically govern how confidential and sensitive data, both business and customer, is to be handled.
- Physical Controls: These protect all the physical (or tangible) IT Assets of a business or corporation, including the servers, workstations and any wireless device issued to an employee. A Layered Security approach can make use of any combination of the following:
- Standard door and electromagnetic locks
- Smart Cards that can be swiped into a reader
- Biometric devices (primarily that of Fingerprint Recognition and Hand Geometry Recognition)
- CCTV cameras
- Trained security guards.
- Technical Controls: These protect all the digital (or intangible) IT Assets of the organization. The full list can be quite exhaustive, but a representative sample includes the following:
- Antivirus and antimalware software packages
- Network intrusion devices
- Email encryption
- Password managers
- Single sign-on solutions.
The three types of controls described above are visually depicted in the diagram below.
Source 1 https://www.imperva.com/learn/application-security/defense-in-depth/.
Next up: Ready to implement a Layered Security Model for your business or enterprise? In the next article, you’ll learn how and why to create a plan and thoroughly test the model before you deploy it into the actual production environment.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.