Defence in Depth: The Modern Approach to Cybersecurity


Welcome to another post from the blog, where we dive into all things cybersecurity and help each other on our journey to becoming cybersecurity professionals. Today, we’ll be discussing Defence in Depth, a crucial aspect of maintaining a strong security posture.

Note: this is taken from day 23, Defence in Depth, of TryHackMe’s Advent of Cyber 2022 event.

Introduction

Defence in Depth is a more comprehensive topic in security compared to the ones we have covered previously on the channel. The concept is based on the idea that there is no single defence mechanism that can protect an organization from all security threats.

In the past, organizations have focused on securing their perimeter, much like the castle walls in medieval times. However, this approach is not enough in today’s modern world, where attackers are constantly finding new ways to breach even the strongest of defences.

The modern approach to defensive security focuses on disrupting the adversary’s objectives, securing everything in their path, and having a well-rounded defence layer in place.

This includes securing the perimeter, having multiple layers of internal security measures, and having the capability to detect and respond to attacks effectively.

Disrupting Adversarial Objectives

There are three levels of defence in modern cybersecurity. The first level focuses on securing the perimeter with firewalls, DMZs, and other preventative measures. The second level keeps these measures and adds internal security measures such as network segmentation, zero trust, and least-privilege access.

The third level goes full circle, incorporating the benefits of the first two levels, and ramping up the detection and response capability of the organization. This includes effective log collection and well-crafted analytics, ensuring that the organization is not only good at preventing attacks, but also capable of responding to them if they bypass the defensive capabilities.

Scenario

Let’s consider a scenario where an adversary has successfully breached the perimeter defences through a spear-phishing campaign. In a well-rounded defensive organization, the adversary would need to navigate a hardened environment filled with tripwires and traps.

Even if they were able to take over a specific user’s account, they would be limited in their actions because the principle of least privilege has been implemented.

Even if the adversary were able to move laterally to another user with better privileges, they would still face multiple layers of internal security measures, making it difficult for them to reach their ultimate goal. This is where the importance of having a well-rounded defence layer comes into play.
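
The scenario above, as an added example that is not from the original post or from TryHackMe: a small correlator that scores signals from the perimeter, the internal controls and the tripwires per account, and carries suspicion across a lateral move. The event names, weights, window and threshold are assumptions, and the events are constructed.

```python
from collections import defaultdict

WINDOW = 600       # assumed correlation window, in seconds
ALERT_SCORE = 6    # assumed alert threshold
# Assumed event names and weights; a tripwire touch is rare, so it weighs most.
WEIGHTS = {"mail_link_click": 1, "access_denied": 2,
           "lateral_login": 3, "honeytoken_read": 6}

# Constructed events: (time, layer, account, kind, originating account or None).
EVENTS = [
    (100, "perimeter", "alice", "mail_link_click", None),
    (160, "internal", "alice", "access_denied", None),   # least privilege blocks her
    (170, "internal", "alice", "access_denied", None),
    (200, "tripwire", "alice", "honeytoken_read", None), # decoy credential opened
    (260, "internal", "bob", "lateral_login", "alice"),  # bob's session started from alice's
    (300, "internal", "carol", "access_denied", None),   # isolated denial
]

def correlate(events, window=WINDOW, threshold=ALERT_SCORE):
    """Return {account: peak score} for accounts whose correlated signals alert."""
    recent = defaultdict(list)  # account -> [(time, weight, layer)]
    alerts = {}
    for t, layer, user, kind, origin in sorted(events, key=lambda e: e[0]):
        if origin is not None:
            # A lateral move inherits the originating account's fresh signals.
            recent[user].extend(e for e in recent[origin] if t - e[0] <= window)
        recent[user].append((t, WEIGHTS[kind], layer))
        recent[user] = [e for e in recent[user] if t - e[0] <= window]
        score = sum(w for _, w, _ in recent[user])
        layers = {l for _, _, l in recent[user]}
        # One noisy sensor cannot alert alone: need a tripwire or two layers.
        if score >= threshold and ("tripwire" in layers or len(layers) >= 2):
            alerts[user] = max(score, alerts.get(user, 0))
    return alerts

if __name__ == "__main__":
    print(correlate(EVENTS))
```

Carol's single denial stays below the threshold, while bob alerts only because his session inherits alice's recent signals.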

Conclusion

Defence in Depth is a crucial aspect of maintaining a strong security posture. The modern approach focuses on disrupting the adversary’s objectives, having multiple layers of defence in place, and the capability to detect and respond to attacks effectively.

By following this approach, organizations can ensure that they are better prepared to face the constantly evolving threat landscape.

Thank you for reading and stay tuned for more posts on the journey to Cybersecurity Professionalism.

https://youtu.be/g-dAWAXnMCM
About The Author
Mr Ash

“Learn, create, share, repeat.” • IT teacher, former web designer, learning CyberSec • Road to #100DaysOfHacking on Hackers Learning Path.