
With the continuous demand to ensure that businesses are securing the most modern technology environments, the desire to find a magical ‘one-stop’ remedy for all security problems is very common. This search has manifested itself to many in the form of a new “blinky box” such as a firewall, SIEM, or cloud-hosted EDR. However, these quick-fix solutions don’t solve every problem on their own, and each leaves gaps that cybercriminals can exploit. With 83 percent of organizations having experienced a DDoS attack within the last two years, security is not something that can be taken lightly.

Instead of looking for a magic silver bullet for all their security needs, businesses should be viewing security from a holistic perspective. This approach would mean that businesses would focus on building a system that reduces the impact of any one protection being bypassed. One way to achieve this is through defense in depth (DiD). The DiD mindset helps to build multiple layers of controls that complement each other in protecting critical data.

The way DiD works is that each security control that is bypassed is backed up by another. For example, if the firewall is bypassed, the cloud-hosted EDR is there to catch what gets through. This is known as “layered security.” However, the DiD model is generally more thorough: it requires reviewing how the systems operate together in order to offer the best protection. It therefore goes a step further than simply placing a different type of security control behind another.

As shown in the above diagram, having these several layers of security control creates a complicated labyrinth to navigate from the network edge into the inner sanctum. This prevents cybercriminals and attacks from easily getting through to crucial data and gives the business time to react while an attack is in progress. The types of security control included in this method are preventive, detective, and responsive. Together they provide multiple roadblocks for any attack.

An example of how this works would be to view phishing through the lens of DiD. Phishing is an attack in which the attacker masquerades as a trusted entity in order to retrieve private data such as login credentials and credit card numbers. The traditional first step to defend against an attack like this would be an email gateway; this filters out phishing emails based on various sets of rules, heuristics, and other more advanced means. However, more targeted methods such as spear phishing can bypass this security control.

This security control would then be supported by another security control: link tracking technology. Link tracking gives defenders visibility into the links that are clicked within emails, so that a business can determine retroactively who within the organization may have visited a linked site.

Both of these would be supported by user awareness training. It is necessary for businesses to educate end users on how to identify malicious emails. If social engineering is used for phishing, it can be difficult for automated systems to verify threats.

These security controls are then supported by others such as automated email pullback, two-factor authentication, browser isolation, and endpoint protection software. All of these security controls working in tandem create a digital fortress between cybercriminals and businesses’ crucial data. This shows how different mechanisms layered together create a stronger overall security posture, and why looking for that one-stop magic bullet should no longer be an option in an increasingly data-driven world.
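The phishing layers described above (gateway filtering, link tracking, and automated pullback) can be shown as a small simulation. The following Python is an added example written for this article, not code from the author or from US Signal; the gateway rules, the redirector host `click.example.internal`, and the five inbound messages are all constructed for the demonstration. It shows the point of the layering: a spear phish that passes the gateway is still caught later, because the link-tracking log answers "who clicked?" and the pullback step removes the remaining copies.

```python
"""Layered (defense-in-depth) handling of inbound email, as a small simulation.

Layer 1: gateway rules decide whether a message is delivered.
Layer 2: links in delivered mail are rewritten to a tracking redirector so
         that clicks are logged per recipient.
Layer 3: once a URL is judged malicious, the click log says who visited it
         and the pullback step removes delivered copies from mailboxes.
"""
import re
import uuid
from dataclasses import dataclass

URL_RE = re.compile(r"https?://[^\s<>\"]+")


@dataclass
class Email:
    sender: str
    recipient: str
    subject: str
    body: str


# Layer 1: email gateway. Blocklist and heuristic are constructed for this
# example and stand in for a real gateway's rule set.
BLOCKED_SENDER_DOMAINS = {"mail-bad.example"}
URGENCY_PHRASES = ("urgent", "verify your account", "password expires")


def gateway_verdict(msg: Email) -> str:
    """Return 'block', 'quarantine' or 'deliver' for an inbound message."""
    domain = msg.sender.rsplit("@", 1)[-1].lower()
    if domain in BLOCKED_SENDER_DOMAINS:
        return "block"
    text = f"{msg.subject} {msg.body}".lower()
    if URL_RE.search(msg.body) and any(p in text for p in URGENCY_PHRASES):
        return "quarantine"
    return "deliver"  # a well-crafted spear phish passes this layer


# Layer 2: link tracking. Every URL in delivered mail is swapped for a
# per-recipient token on a redirector (hypothetical host) so clicks are logged.
class LinkTracker:
    def __init__(self, redirector: str = "https://click.example.internal/r/"):
        self.redirector = redirector
        self.tokens: dict[str, tuple[str, str]] = {}  # token -> (recipient, url)
        self.clicks: list[tuple[str, str]] = []       # (recipient, url)

    def rewrite(self, msg: Email) -> Email:
        def swap(m: re.Match) -> str:
            token = uuid.uuid4().hex
            self.tokens[token] = (msg.recipient, m.group(0))
            return self.redirector + token
        return Email(msg.sender, msg.recipient, msg.subject, URL_RE.sub(swap, msg.body))

    def click(self, tracking_url: str) -> str:
        """Log a click and return the real destination to redirect to."""
        recipient, original = self.tokens[tracking_url.rsplit("/", 1)[-1]]
        self.clicks.append((recipient, original))
        return original

    def who_clicked(self, url: str) -> list[str]:
        """Retroactive question: which recipients visited this URL?"""
        return sorted({r for r, u in self.clicks if u == url})


# Layer 3: mailbox store with automated pullback of delivered copies.
class Mailboxes:
    def __init__(self):
        self.store: dict[str, list[Email]] = {}

    def deliver(self, msg: Email) -> None:
        self.store.setdefault(msg.recipient, []).append(msg)

    def pullback(self, tracker: LinkTracker, bad_url: str) -> int:
        """Remove every delivered message whose rewritten links resolve to bad_url."""
        removed = 0
        for rcpt in list(self.store):
            keep = []
            for m in self.store[rcpt]:
                tokens = [u.rsplit("/", 1)[-1] for u in URL_RE.findall(m.body)
                          if u.startswith(tracker.redirector)]
                if any(tracker.tokens[t][1] == bad_url for t in tokens):
                    removed += 1
                else:
                    keep.append(m)
            self.store[rcpt] = keep
        return removed


def run_scenario() -> dict:
    """Constructed inbound mail: a bulk phish, a generic phish, one spear
    phish sent to two people, and one legitimate message."""
    spear = "The Q3 figures are at https://docs.partner-example.net/q3 - please review before the call."
    inbound = [
        Email("promo@mail-bad.example", "alice@corp.example", "Prize", "Claim https://x.mail-bad.example/win"),
        Email("it@support-example.com", "bob@corp.example", "URGENT: verify your account", "https://login-example.net/verify"),
        Email("cfo@partner-example.com", "alice@corp.example", "Q3 invoice", spear),
        Email("cfo@partner-example.com", "bob@corp.example", "Q3 invoice", spear),
        Email("hr@corp.example", "carol@corp.example", "Handbook", "Updated at https://intranet.example.internal/handbook"),
    ]
    tracker, boxes = LinkTracker(), Mailboxes()
    verdicts = []
    for msg in inbound:
        v = gateway_verdict(msg)
        verdicts.append(v)
        if v == "deliver":
            boxes.deliver(tracker.rewrite(msg))
    # Alice clicks the spear-phish link; the gateway never saw a problem.
    alice_link = URL_RE.search(boxes.store["alice@corp.example"][0].body).group(0)
    tracker.click(alice_link)
    # Later the URL is judged malicious: ask who clicked, then pull back copies.
    bad = "https://docs.partner-example.net/q3"
    return {
        "verdicts": verdicts,
        "clicked_by": tracker.who_clicked(bad),
        "pulled_back": boxes.pullback(tracker, bad),
        "remaining": {r: len(m) for r, m in boxes.store.items()},
    }


if __name__ == "__main__":
    print(run_scenario())
```

Running the scenario, the gateway blocks the bulk phish and quarantines the generic one but delivers the spear phish to both recipients; after Alice clicks, the tracker identifies her as the only person who visited the site, and pullback removes the two delivered copies while leaving Carol's legitimate mail alone. Each layer on its own would have missed something; together they bound the damage.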


Nick Defoe

Nick Defoe, Director of Information Security, US Signal
