The layered approach is used to analyse weak spots in your IT system.
The concept of layered security is key to a strong and successful defence strategy. The approach uses multiple lines of defence to repel potential attacks and is based on the principle that no single form of protection is enough to stop a determined cybercriminal.
But it’s not just about applying multiple defences. Analysing weak spots in an IT system can be challenging, which is where a layered approach comes in.
Each of these five elements of an effective layered defence strategy works together, forming a mesh of protection around your organisation’s systems.
1 – Patch management
A popular technique among cyber attackers is to target software that hasn’t yet been updated to protect it from known vulnerabilities. £34 Million, this is how much money Angler, the most lucrative exploit kit, earned cyber criminals in 2017.
Once a flaw has been detected in a particular piece of software, cyber criminals can easily write scripts to search the internet for devices and systems running versions of the software and target them.
Patch management is a quick win for IT administrators, who can automate the patching of this software using scripting tools, or more sophisticated systems that download, test and administer patches from multiple software vendors.
2 – Antivirus
Antivirus services should be a key part of any organisation’s defences. Although it’s not sufficient on its own to stop attacks, it provides a useful line of defence against malicious software that can be used by attackers to gain a foothold in corporate systems.
Antivirus technology has evolved in recent times and now features more advanced capabilities that can help it to detect unknown virus and Trojan software. With so many attacks using malware as an entry point into enterprise networks, antivirus software is not optional – it’s mandatory.
3 – Web protection
According to Heimdal Security 60% of the financial malware used in 2017 was not detected by antivirus products Given that many malware strains are delivered via a browser, web protection is another important part of a layered defence strategy.
Like antivirus software, web protection services receive regular updates of domain names and IP addresses associated with malicious behaviour and can be used to block visits from corporate networks. It can also be used as a detection mechanism to spot suspicious surfing activity that could indicate an attack.
4 – Mail protection
As one of the single most important tools for a business, email is still a significant means of delivery for attackers. Aside from sending links to malicious websites or malware-infected attachments, attackers can increase their chances of success by studying a company and including pertinent details.
Ensuring that your company’s email security is up to date is critical to effective protection. Educating staff about common phishing methods and other email scams will also help prevent crude attacks from being successful.
5 – Backup
Effective backup is the final step and the critical service in a layered strategy. Ensuring defence strategies are up to date may offer peace of mind from a security standpoint, but even the best type of protection systems can be successfully compromised. The threat of attack, along with the consequences of physical data loss, makes backup a critical part of any cybersecurity strategy.
Organisations should ensure they have a tried and tested backup service. Frequent, incremental cloud-based backup services will be easier to test and guarantee, and the lack of physical backup media will reduce the risk of backup data corruption, loss or theft. The technology used in cloud-based backup usually cannot be accessed by ransomware, which makes restoring files much easier in the event of a successful attack.
Introducing layered security is not necessarily the cheapest defence method, but with the increase in vulnerabilities and the determination of criminals to exploit these gaps in organisations, it has never been more essential. Creating a layered approach to security provides a level of protection that traditional approaches on their own simply cannot match.
But it is not infallable as a defence method. Phishing and social engineering attacks are on the rise, and the easiest way of combatting the risk of one of your employees accidentally opening the business up to an attack is to build a culture of security.
Regular training on secure practices, highlighting the danger of social paths to infiltration and enforcement of password policies are all simple ways of building this culture of security, and ensures that employees are aware of the potential dangers.
Based on the ITPRO artice by Esther Kezia Thorpe “Five steps to an effective layered defence strategy” 21st Nov 2018