By: Charles Owen-Jackson
June 17, 2020
The Why, What, and How of Layered Cybersecurity
How the different layers of cybersecurity protect business in an evolving threat landscape
As industries innovate at breakneck speed to keep up with modern demands, they face a serious challenge in mitigating the risks along the way. Every extra user account, device, online service, and application adds another potential entry point for cyberattackers. Attack surfaces have expanded to the point that they've become nearly impossible to manage at scale if you rely only on traditional countermeasures.
Multilayered cybersecurity is like a digital analog to a medieval castle. The central keep holds the most valuable assets, much like your servers host your mission-critical assets, or the ‘crown jewels’ as they’re sometimes known. A moat and high walls help prevent attackers from reaching the interior of the fortress, much like network- and application-level controls prevent cyberattackers from reaching your data. While there’s no such thing as an infrastructure that’s 100% secure, a comprehensive, multilayered approach to cybersecurity is the closest thing to it.
Although there are many types of cybersecurity, such as cloud, IoT, critical infrastructure, application, and network security, many, if not all, of them can be segmented into core layers.
Everyone on your team who works with potentially sensitive data should have at least a basic understanding of the following key layers of cybersecurity:
Layer 1: Physical
Physical security encompasses the physical, as opposed to digital, measures taken to protect computing hardware, software, networks, and personnel. Physical security reduces the risk of sensitive data being stolen due to break-ins and entry by unauthorized personnel. It also helps keep assets safe from natural and accidental disasters.
The importance of physical security is often overlooked in favor of technical threats, such as hacking and malicious software. However, a lack of adequate physical security can result in attacks being perpetrated using brute force alone with little or no technical knowledge.
Some of the most common physical security measures are locks, access control cards, and biometric scanners protecting areas like server rooms. Security may be further enforced using surveillance cameras and intrusion detection sensors.
Layer 2: Data
Every modern business deals with data in increasingly large volumes. Data varies enormously with regard to how important and how sensitive it is. Some data might be mission-critical, in which case its compromise could have catastrophic consequences for your business. Data security serves to protect that data both in storage and in transit.
Data security doesn’t guard against breaches itself, but it does ensure the data is useless if it does end up in the wrong hands. For any data subject to regulatory compliance, like personal or financial information, it’s a legal requirement to have certain security controls, like encryption, in place.
Encryption is the most common example of data-level security. The Advanced Encryption Standard (AES) with 256-bit keys keeps data safe from prying eyes by making it unintelligible to anyone without an authorized key.
Layer 3: Application
Data is only useful if it’s accessible, and for that, you need an application which can read it. At the same time, the application itself must be secure. Application-level security is normally applied during the development stage, but there are also many tools and methods to improve security after the application has been released.
Technically minded cybercriminals may target vulnerabilities in software, some of which aren’t revealed until after they’ve already been exploited. Potentially harmful software vulnerabilities can be found in any software ranging from desktop and mobile apps to operating systems to the underlying firmware on each device.
Boosting application-level security is largely a matter for developers, who create patches to address any potential vulnerabilities. However, it’s still up to end users to ensure they install all critical security updates as soon as they become available. Enterprises with proprietary software often have dedicated teams for testing and patching internal applications.
Layer 4: Endpoint
An endpoint represents any physical endpoint in a network – in other words, any device that transmits data. This includes desktop and laptop computers, mobile devices, IoT devices, and networking hardware. If a device is connected and/or it stores potentially sensitive data, then it too must be protected.
One of the biggest challenges of endpoint security is the rapidly growing number of devices in a typical organization. There are already over 22 million connected devices in the world, and every single one of them is a potential access point for cyberattackers.
The most common way to protect an endpoint is using a password. However, passwords alone aren’t sufficient in an age of widespread phishing attacks, hence the importance of multifactor authentication. This protects endpoints and user accounts by asking users to verify their identity with a single-use security token or a biometric like a fingerprint scan.
Layer 5: Network
Network security focuses on protecting the entire network. The biggest challenge here is that today’s business networks are rarely confined to a single physical environment like an office. Instead, they incorporate a huge range of systems, including employee-owned devices and cloud-hosted resources.
Network-layer security is all about protecting your communications by ensuring that sensitive data doesn’t stray outside your network. When data does need to be transmitted across public channels, it must follow proper security controls and policies.
Although individual endpoints are commonly protected by firewalls themselves, businesses often deploy a unified threat management (UTM) solution between their network and the public internet. UTM solutions incorporate firewalls with rules-based intrusion detection and prevention. Today’s network-layer security measures must go beyond internal networks to incorporate cloud-hosted applications and data and mobile devices too. After all, the new cybersecurity perimeter is far wider than it once was.
Layer 6: Human
Last, but certainly not least, we have the human element. People are the first and last line of defense in any cybersecurity strategy. You cannot rely on technological and administrative measures alone to protect your business when human error is responsible for 95% of all data breaches.
The truth is, most cyber attackers aren’t ‘hackers.’ Most of them aren’t any more technically competent than the layman. Instead, they rely on social engineering methods to dupe victims into giving away sensitive information like decryption keys or login credentials or downloading malicious software.
There’s only one way to ensure the human layer in your cybersecurity strategy is up to scratch, and that’s through proper training. Cybersecurity training is also a legal requirement for certain roles, such as healthcare professionals or anyone who handles client payment information. Technologies like data loss prevention, artificial intelligence, and monitoring can help boost the human layer by substantially reducing risk, but they’re no substitute for education.
Cybrary provides the educational resources you need to transform your workforce from the weakest link in cybersecurity into an effective first and last line of defense. Request your demo of Cybrary for Teams, today!