Updated: August 18, 2023

How to create an in-depth cybersecurity defense system in 4 steps

The rise of ransomware and malicious cyberattacks in the past decade has made it critical for all businesses to expand their cyber programs to provide better, layered defenses.

Through my IT work in the utility sector, I’ve witnessed the urgent need for better cybersecurity defenses firsthand: ransomware attacks on utilities have increased by 50% in the past two years.

Justin Eisfeller

As critical infrastructure with a target on our backs, we know that every network, application, and device must be configured with cybersecurity in mind.

In today’s tech-savvy workplace, the challenge lies in balancing new capabilities that improve productivity with mitigating the associated risks.

Defense-in-depth security is about combining technology components with best practice security management to create protective layers that reduce the risk of attack and intrusion.

Strong defenses

Strong technology is the backbone of a solid defense-in-depth strategy. Cybersecurity software and systems are built around protecting a company’s critical assets: financial systems, operation systems, proprietary assets and confidential data. A defense-in-depth strategy layers those protections on top of one another. Think of it like locking every door in your house; even if the bad guys get in, they’ll be trapped in the mudroom without a key into any other room in the house.

The layered protections safeguarding your organization’s critical assets can be broken down into five categories: perimeter protections, network protections, endpoint protections, application protections, and data protections.

The human element

Humans are, and perhaps always will be, the easiest attack vector for cyber criminals. In fact, human error is the main cause of 95% of security breaches. But there’s hope for the future; although employees have often seen cybersecurity as a hindrance to their job productivity, that mindset is shifting as cyber attacks become the subject of more and more headlines.

Organizations need to foster cultures where cybersecurity is at the forefront of daily operations. That means cultivating employee cyber knowledge and then testing that knowledge with drills. Beneficial strategies include cybersecurity awareness training, simulated phishes, and additional training and resources for high-risk employees. For high-risk employees, it’s important to focus on education rather than punishment. Sometimes, however, intervention and restricted access are needed to alleviate risk.

Monitoring and response

Cyber criminals don’t sleep, so it’s critical that businesses have the ability to monitor their systems 24/7 to identify vulnerabilities, emerging attack vectors, and areas for improvement.

Security operations centers can provide constant threat monitoring for organizations. Whether external or in-house, SOCs ingest everything from firewall data to endpoint data, combining advanced analytics and threat intelligence for immediate identification of suspicious activity along with the ability to take immediate actions.

Continuous improvement

A good cybersecurity program is built on a foundation of continuous improvement, and that perpetual fine-tuning needs to be self-aware, strategic, and built into the organization in order to be worthwhile. By constantly evaluating every aspect of their processes and policies, organizations can identify opportunities for refinement and ensure they’re actually doing what they set out to do.

Companies can leverage an external expert to identify areas of improvement, and develop an action plan from there.

The bottom line

A defense-in-depth cybersecurity program is about fortifying protection and driving improvement from every angle and at every level. Through an emphasis on systems, people, monitoring, and policy assessment, a secure cybersecurity program safeguards an organization’s critical assets without overly burdening its productivity. If you haven’t already, your organization should prioritize a cyber program that will keep critical business operations running and ensure your data is protected.


Justin Eisfeller is chief technology officer and vice president of IT at Unitil.
