This ecosystem is composed of both technical and administrative controls, but uses as few layers as possible to create a defence-in-depth architecture whose individual pieces integrate with one another. Removing gaps and overlaps improves visibility and ultimately reduces human error, which is nearly universally agreed to be at the core of most incidents, either directly or indirectly.
Developed a decade ago, the Zero Trust framework has recently gained more attention due to the collective castle walls of many organisations crumbling and the owners of information systems and data becoming usurped by malicious entities. There is plenty of proof and anecdotal evidence to assure us that cybersecurity incidents are a matter of “when” and not “if”.
This voluntary framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.
Email spoofing is a tried-and-true, favourite tactic of cyber criminals and often accompanies phishing, spear phishing, and whaling attacks on you and your organisation. With a little know-how, I could send out an email that looks like it came from the Prime Minister, my car dealership, or old matey next door. With a properly constructed message body, most would have to look twice to tell the difference.
Long gone are the days when we created, stored, and used data only on one computer. We have a ton of options for removing data from a computer that don’t involve a wired or wireless network connection. Many of you remember having shelves full of floppy disks, and odds are they’ve been replaced by drawers full of USB thumb drives, hard drives, and other plug-in storage media.
Anti-Virus is still current because viruses still pose a major threat to our information systems, and that isn’t changing any time soon. Just because we’re focused on ransomware and other immediate dangers doesn’t mean the threats are gone; like a good vaccine, we’re just able to handle their presence.
This is where we get down into the weeds, into the heart of the systems on our networks. While we spoke earlier of some of the other components, such as patching and managing permissions, here we focus on the core of what makes the system tick.
Hardening server applications really isn’t optional. You need to defend against malicious data access, theft, exposure, corruption and loss.
Also known as “sniffing”, capturing network traffic can be either proactive or reactive depending on the application. The goal is to capture the data traversing the network for the purposes of analysis and intelligence gathering, and this can be done on wired or wireless networks.
Also known simply as IDS or IPS, Intrusion Detection Systems / Intrusion Prevention Systems monitor network traffic for anomalies based on signatures and heuristics that vary from vendor to vendor and from implementation to implementation. Basically, they look for something that shouldn’t be there and then log, alert, or take an action based on the rules we configure.
Encrypting emails between the sending and receiving servers sounds like a really good idea and when you think about it, it is. We often think of encrypting the communication between our endpoints and servers and between servers themselves to ensure our data is secure.
Like floppy disks, CRT monitors, and short commutes in light traffic, Anti-Virus seems to have fallen to the deep, dark recesses of the past. There was a time when we happily went about using our computers with little more than the operating system and a few basic applications and without the fear of the big, bad Internet.