What You Need to Know About Cyberattacks — Part 4
--
Cyber Security 101, Terminology, Actors, Solutions: Security with Firewalls & XDR
As this weekend's Kaseya breach once more illustrated, cybersecurity is a constant battle. There are experts on both sides trying to outsmart each other. As the weapons and attack strategies evolve, the defense systems need to be adapted.
In part 1 of this series, I explained that the first line of defense used to be your perimeter security. This was the (fire)wall you tried to build around your castle.
Today, we’re no longer protecting a castle. Modern corporate infrastructures are like sprawling metropolitan areas. There’s no clear front to defend in this scenario. This is urban warfare. Every part of your city is under siege.
You’re defending a city full of different infrastructure. There’ll be people working in the city center (the headquarter) and on the outskirts (branch office, shops, home offices, etc.). And, don’t forget, the network, the transportation systems, and roads connecting the different locations have to be protected.
Your users move about in and between these locations using different vehicles (laptops, tablets, mobile phones, etc.) to access your applications and data.
They‘re everywhere. You never know who’ll be doing what, where, or when, but you have to keep watch and protect all of it: the people, the network, the data, the apps, and the devices.
Your Defense Strategy
There’s no longer a clear distinction between inside and outside. One wall won’t be enough to keep control. You’ll need to build many walls (segmentation).
Within these segments, you have to deploy security cameras and drones. Surveillance systems will be equipped with weapons to stop the enemy on sight if necessary (Detection and Response).
Access to a house, street, or backyard in your city will be given only on a need-to-enter basis. Every single visitor needs to be authorized, authenticated, and logged. Consider your city a Zero-Trust environment.
You’ll need to use face recognition and biometric access control on top of code words for dual authentication (2-factor authentication).
