Layers of Security Counter Security Defects
Layers of security are your best weapon in the ongoing battle against cyber threats. But many companies fall short in their implementation. Here’s an insight from an article that appeared in Forbes earlier this year:
Despite all the warnings and high-profile breaches, the state of readiness for most when it comes to cybersecurity is dismal. The need for better cyber-hygiene is evident from using stronger passwords, patching software, employing multi-factor authentication, and many other important security steps.
To the author’s point, the surrounding statistics associated with cybersecurity are alarming, to say the least:
- 78% of companies lack confidence in their cybersecurity posture (yahoo.com)
- On average, only 5% of companies’ folders are adequately protected (Varonis)
- Nealy 80% of senior IT and IT security leaders believe their organizations lack sufficient protections against cyber-attacks (yahoo.com)
- Cybercrime to cost the world $10.5 trillion annually by 2025 (cybersecurityventures.com)
- Every minute $2.9 million is lost to cybercrime. Top companies pay $25 per minute owing to cybersecurity breaches (RiskIQ)
- Malware increased by 358% last year (Help Net Security)
- Ransomware victim every 10 seconds in 2020 (Infosecurity Magazine)
Sadly, you could exhaust this blog simply by presenting all the available statistics surrounding the cybersecurity threat environment. No doubt you’ve already read other articles that do just that. But it’s not about documenting all the statistics. Instead, it’s about what you’re going to do about it.
The Advantage of Layered Security
Layered security enforces the notion that no single point in a computer environment can be entirely secure. As a result, it seeks to deploy multiple layers of protection. The more layers a cybercriminal must penetrate, the more complicated their task.
It’s a relatively simple effort for a hacker to access via a single layer. But with layers of security, they must penetrate arguably hundreds of layers. And even the best hackers generally fail when confronted by those additional layers.
The Objective of Layered Security
Layers of security cover three objectives:
- Cyber Breach Prevention: Stop cyber-attacks from happening in the first place.
- Intrusion Detection: By uncovering attacks quickly, you can remediate the attack and shutter exposed security gaps.
- Incident Response: When a security gap is exposed, respond immediately.
Layered security seeks to prevent a single vulnerability from compromising your entire system. It also incorporates as many backup points as possible. Those backups counter potential security defects exposed by a hacker.
Layered security assumes you will experience security issues. Let’s face it; you’re going to encounter intrusion attempts or denial of service attacks when connected to the internet. However, by using layers of security, even if one area gets breached, your backup layers eventually thwart the attack.
The 7 Layers of Security
If you’re an IT veteran, the concept is likely an old hat to you. After all, it dates to the 1980s. But for newcomers, there are seven layers of security with the Open Systems Interconnection (OSI) model, as shown by the diagram below. Your goal is to optimize these seven layers to reduce your attack profile.
Here are some insights into each of the seven layers of security:
- Physical Layer: The electrical cable or wireless technology connecting your devices. It transmits raw data.
- Data Link Layer: Two parts compose the data link layer – the Logical Link Control (LLC) and the Media Access Control (MAC). The former identifies network protocols, performs error checks, and synchronizes frames. The latter connects devices and defines permissions to transmit and receive data. The data link layer breaks up packets into frames and them from source to destination.
- Network Layer: First, the network layer breaks up segments into network packets and then reassembles them on the receiving end. Second, it uncovers the best path across the physical network.
- Transport Layer: The transport layer reassembles segments on the receiving end and turns them back into data used by the session layer. It controls the flow rate based on the connection speed of the receiving device. It also manages error control to determine if data was correctly received. If not, it requests a resend.
- Session Layer: This layer opens sessions and ensures they remain open during data transfer. It then closes the session when communication ends.
- Presentation Layer: It defines how two devices should encode, encrypt, and compress data to ensure it’s correctly received.
- Application Layer: The application layer presents the data meaningfully to users via web browsers and email clients. Familiar application layers include HTTP, FTP, POP, SMTP, and DNS.
Keep in mind that the seven layers focus on your network security.
Layers of Security Today
Today’s cybersecurity extends beyond your network. After all, your network is no longer defined by four walls. Instead, your network can be far-reaching, even global. That requires a broader focus that considers all mission-critical assets, including data security, application security, endpoint security best practices, network security, perimeter security, and human security.
| Security Control | Most MSPs | 2020 Standards | 2021 & Beyond Standards |
| Assessment Tools |  |  | |
| Anti-Spam | | | |
| Group Policy Management | | | |
| Anti-Virus | | | |
| Patch Management | | | |
| Web Content Filtering | | | |
| Managed Firewall | | | |
| Intrusion Detection | | | |
| Intrusion Prevention | | | |
| Encryption | | | |
| Backups | | | |
| Password Manager | | | |
| Security Awareness | | | |
| Endpoint Detection & Response | | | |
| Multi-Factor Authentication | | | |
| DNS Security | | | |
| Dark Web Monitoring | | | |
| Basic SIEM | | | |
| Risk Reporting | | | |
| Threat Management | | ||
| Threat Intelligence | | ||
| Compliance Reporting | | ||
| Complete SIEM w/ Security Operations Center | | ||
| Continuous Vulnerability Scanning | | ||
| Mobile Device Security | | ||
| Application Whitelisting | | ||
| Identity & Access Management | | ||
| Privileged Access Management | | ||
| Data Loss Prevention | |
Regardless, the seven layers concept applies. The more layers of security you can implement to deter hackers, the more secure your environment. From a tool’s perspective, as it relates to 2021, a sound security approach requires implementation of the tools presented below:
If you’re using a managed IT services provider, you need to start by looking at its service offering. As you can see, most MSPs fall short when it comes to meeting even last year’s acceptable standards. Moreover, the fewer tools they deploy on your behalf, the more open you are to attack.
With remote workforces, endpoint security and multi-factor authentication are mandatory. Yet, slightly more than half (57%) worldwide have adopted MFA. Companies with 26 to 100 present a 34% adoption rate.
The same neglect for standard deployment applies to endpoint protection. BullGuardOne cites that nearly a quarter of companies in the U.S. and U.K. neglect endpoint security altogether. Moreover, even those implementing endpoint protection rely on consumer-grade applications (32%).
What’s Your State of Readiness?
Fact – cybercriminals will continue to attack your business from all directions. Do you have the appropriate layers of security and tools in place to respond to their attacks? Layered security makes their job infinitely harder. So why not increase your protection layers?
Unlike most MSPs, our IT company embraces 2021 standards and beyond. We’re fully prepared to deliver the cybersecurity services and IT solutions you need to protect your business from intruders. We even offer a vulnerability assessment to determine your points of attack. It’s FREE because we’re fighting the same battle you are.
