Based in Lunenburg, Justin Eisfeller is chief technology officer and vice president for information technology at Unitil, the utility headquartered in New Hampshire.
Updated: May 30, 2022
Know How
Four key elements of a defense-in-depth cybersecurity program
By Justin Eisfeller
The rise of ransomware and malicious cyberattacks in the past decade have driven the criticality for all businesses to expand their cyber programs to provide better, layered defenses.
Through my IT work in the utility sector, I’ve witnessed the urgent need for better cybersecurity defenses: Ransomware attacks on utilities have increased by 50% in the past two years. As critical infrastructure with a target on our backs, we know every network, application, and device must be configured with cybersecurity in mind.
To meet the modern demand, organizations including my own have adopted a defense-in-depth security program. Defense-in-depth security is about combining technology components with best practice security management to create protective layers reducing the risk of attack and intrusion. These efforts can be distilled into the following four components.
Strong defenses at and inside the perimeter
Strong technology is the backbone of a solid defense-in-depth strategy. Cybersecurity software and systems are built around protecting a company’s critical assets: financial systems, operation systems, proprietary assets, confidential data, etc. A defense-in-depth strategy layers protections on top of one another to create a multi-layered barrier. Think of it like locking all the doors in your house; even if the bad guys get in, they’ll be trapped in the mudroom without a key to go further.
The human aspect
Humans are, and perhaps always will be, the easiest attack vector for cyber criminals. In fact, human error is the main cause of 95% of security breaches. Organizations need to foster cultures where cybersecurity is at the forefront of daily operations through education programs and regular drills. Additionally, a strong cybersecurity culture needs executive buy-in to solidify security as core to the business and encourage participation in preventing and reporting attacks.
Monitoring and response activities
Cyber criminals don’t sleep, so it’s critical businesses have the ability to monitor their systems 24/7 to identify vulnerabilities, emerging attack vectors, and areas for improvement. Security operations centers can provide constant threat monitoring for organizations. If the SOC sees malicious activity, it can react and isolate the threat. SOCs can craft vulnerability assessments and risk scores to provide organizations with a situational awareness regarding their threat landscape.
Program management and continuous improvement
A good cybersecurity program is built on a foundation of continuous improvement, and that perpetual fine-tuning needs to be self-aware, strategic, and built into the organization in order to be worthwhile. By constantly evaluating every aspect of your processes and policies relative to best practices and standards, organizations can identify improvement opportunities and ensure they perform as planned.
The bottom line
A defense-in-depth cybersecurity program is about fortifying protection and driving improvement from every angle and at every level. Through an emphasis on systems, people, monitoring, and assessment, a secure cybersecurity program safeguards an organization’s critical assets without overly burdening its productivity.
WBJ Web Partners
Most Recent
Most Recent
0 Comments