Layered Security

  • Published: Tuesday, Sept. 20, 2022

No organization is immune to cyber attacks. Cyber criminals often target small- to medium-sized businesses (SMBs) because they find them to be the most lucrative targets. Hackers see SMBs as vulnerable because they often lack the resources to fully defend against cyber threats.

A layered security approach benefits every organization: it puts multiple components in place to protect assets and keep bad actors out. Applying security controls to the vulnerable areas of your environment where cyber attacks could occur will slow, delay or block threats.

The National Institute of Standards and Technology (NIST) has developed a cybersecurity framework to guide organizations. The framework includes five primary functions: Identify, Protect, Detect, Respond and Recover. Layered security practices should follow this framework to identify and protect against cyber threats.

Implementing a layered security program will include hardware, software and user defenses. Consider these layers when building your defenses.

  • Firewall - This is the first line of defense for your network. Enable inbound and outbound rules to control the network's traffic.
  • Patch management - It is vital to your overall security health to keep software, operating systems and firmware up to date. Many times these patches will include security updates that fix bugs and close security gaps.
  • Endpoint detection and response - Endpoints are potential entry points for hackers. These devices need to be equipped to detect and respond to threats.
  • Email - Place filtering at the gateway to lower the risk of phishing and malware entering users' inboxes. Implement SPF, DKIM and DMARC to reduce spoofed senders.
  • Strong passwords - Enforce a policy that requires strong, unique passwords. Prevent password reuse and weak passwords.
  • Multi-factor authentication - MFA can reduce the risk of compromised accounts and block unauthorized access to network assets.
  • End user awareness education - End users need to be educated about cyber threats. It is important that they know what the dangers are and what can happen.
  • Physical security - Prevent unauthorized access to your IT infrastructure. Key cards, door locks, security cameras and personnel should be placed to restrict access to network equipment.

All organizations should have current backups and an incident response plan in place so that, should an incident occur, the IT team can respond and recover quickly and efficiently. Perform a risk assessment of your infrastructure to understand where the most vulnerable areas are and how a compromise could affect your business. Implement security layers where they will put you in the best position to respond to and recover from cyber attacks.