Why defence in depth is fundamental to a company's cyber health
With more employees working from home, Covid-19 has brought with it increased risk for companies. Criminals now have ample opportunity to exploit new vulnerabilities through targeted phishing campaigns and similar, resulting in cyber-attacks that have decimated industry on a global scale.
As the second lockdown is deployed to contain the spread of COVID-19, we see similarities in the containment of computer viruses. The job of the security professional –as with medical epidemiologists, is to detect, protect and respond to the threat.
The framework by which we attempt to slow, and eventually curtail the spread of this pandemic are debated and fiercely topical. We obsess over R rates, P values and erratic covid-19 numbers.
This public awareness of risk mitigation gives us the ability to emphasise the crucial requirement for a multi layered security environment – and the ability to draw comparisons with virus control mechanisms allows us to do so. These comparisons should be considered useful – particularly when discussing security controls with board of management, CEOs and those less familiar with how security professionals implement and execute business protection.
To stretch the comparisons somewhat, we both leverage perimeter control – in our case with security operations, firewalls and Intrusion Detection Systems.
We cannot simply stop all communication in and out of a company, so we rely on a hygiene mechanisms. Substitute cryptography management for social distancing , vulnerability patching for hand washing, access management for inter county police checkpoints and endpoint security for facemasks – I know, I know, I’m stretching again! To make all this work however, we follow our colleagues in epidemiology and TEST, TEST, TEST. The earliest detection of a vulnerability gives us the greater chance of a healthy enterprise.
The deployment of the controls mentioned needs governance. Now that we can relay to stakeholders the need for multiple controls, we also need the ability to give up-to-date current information on our security posture. We need to define key indicators for each of the controls within our ISMS and develop the ability to provide current and complete data to those accountable for the security of the company – namely, the CEO and management board.
This is where Sogeti can help, our bespoke security tools will plug into an existing CMDB to provide real time technical assurance from within a company. Our unique platforms can be used in risk analysis, compliance, audit and management reporting.
We don’t test for COVID-19 once a year – we maintain a view all year round ensuring we can react appropriately. Our Synergi platform gives us this same ability across the information security domain – a real time view on the security of the organisation at any given point in time. This allows us to manage risk, compliance, audits, board requirements and more by plugging directly into a company’s configuration management database (CMDB). It can be used to analyse a small portion of your IT estate, or the full remit depending on your requirements.
- Alex MacLeanHead of Information Security
Alex MacLeanHead of Information Security