Defence in Depth
Layer one: Email and Web Security

Part of a layered approach to cyber security

by Andre Vaux

Andre Vaux | Managing Director at claireLOGIC

Defence in Depth (DiD) is a cybersecurity strategy that uses multiple layers of security to protect a business’s critical assets and IT systems. Moving to this layered approach is effective as it secures all attack surfaces, and even if a malicious actor gets through one layer of defence with a novel attack method, they are likely to be stopped by a further layer of defence.


Comprehensive email security

The first layer of defence is email and web security. This layer is extremely important, with 90% of IT professionals citing phishing emails as their number one concern. Thankfully, a business with a comprehensive email and web security solution significantly decreases its chance of having its data breached.

With regard to email security, all businesses should have their email set up correctly. This includes the use of authentication records, including DMARC, DKIM and SPF. Whilst these are simple controls, they can prevent the majority of low-effort spray-and-pray phishing attacks, so there is no excuse for any business not to have them implemented.
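As an added example (not part of the original article or any claireLOGIC tooling), the Python below audits a domain's SPF, DMARC and DKIM TXT records for weak or missing settings. The zone dictionaries, the `example.com` names, the selector `s1` and the key value are constructed for illustration; in practice the records would come from DNS TXT lookups.

```python
# Added example. All record data below is constructed; no network access is used.
def parse_tags(record):
    # Split a 'tag=value; tag=value' record (DMARC, DKIM) into a dict.
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(records):
    spf = [r for r in records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return ["SPF: expected exactly one record, found %d" % len(spf)]
    terms = spf[0].lower().split()[1:]
    alls = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not alls:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy is delegated to another domain's record
        return ["SPF: no 'all' term, unlisted senders get a neutral result"]
    if alls[0] in ("all", "+all", "?all"):
        return ["SPF: '%s' does not reject unlisted senders" % alls[0]]
    return []  # '-all' (fail) or '~all' (softfail)

def audit_dmarc(records):
    dmarc = [parse_tags(r) for r in records if r.lower().startswith("v=dmarc1")]
    if len(dmarc) != 1:
        return ["DMARC: expected exactly one record, found %d" % len(dmarc)]
    policy = dmarc[0].get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        return ["DMARC: p=%s takes no action on failures" % (policy or "(missing)")]
    return []

def audit_dkim(records):
    keys = [t for t in map(parse_tags, records) if "p" in t]
    if not keys:
        return ["DKIM: no key record for this selector"]
    if not keys[0]["p"]:
        return ["DKIM: empty p= means the key is revoked"]
    return []

def audit_domain(zone, domain, selector):
    # zone maps a DNS name to its list of TXT strings (assumed input shape).
    return (audit_spf(zone.get(domain, []))
            + audit_dmarc(zone.get("_dmarc." + domain, []))
            + audit_dkim(zone.get("%s._domainkey.%s" % (selector, domain), [])))

WEAK = {"example.com": ["v=spf1 include:_spf.example.net ?all"],
        "_dmarc.example.com": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"]}
GOOD = {"example.com": ["v=spf1 include:_spf.example.net -all"],
        "_dmarc.example.com": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"],
        "s1._domainkey.example.com": ["v=DKIM1; k=rsa; p=CONSTRUCTEDPLACEHOLDERKEY"]}
```

Running `audit_domain(WEAK, "example.com", "s1")` reports one finding per control, while the `GOOD` zone returns an empty list.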

Within this layer, businesses also need a dedicated email security solution. Most comprehensive email security solutions use AI to detect any potentially malicious emails and quarantine them before they even reach an employee’s inbox. It is also important to have internal email protection, which can prevent the lateral spread of attacks if an account is compromised.


Web security solutions

Closely related to email security in this layer is web security. A web security solution will not only protect against malicious URLs and websites but also enforce acceptable web use and mitigate the shadow IT risks that arise from uncontrolled cloud applications, especially cloud storage.

This first layer will prevent most low-effort attacks, but if a threat does manage to penetrate this layer, there are 5 more to stop it from reaching a business’s critical assets.


Further cyber security layers

Register your details below to receive part two ‘Layer 2: Perimeter Security’ straight to your inbox
