E R T N
P
X
E INIO
OP
A layered
approach to
cybersecurity:
People, processes
and technology
Alain Penel, Regional Vice President – Middle
East, Fortinet, outlines the various approaches
to cybersecurity, which includes the three crucial
aspects – people, processes and technology.
C
ybercrime is an
ever-present
threat facing
organisations of
all sizes. In order
to safeguard
themselves
against a successful data breach,
IT teams must stay a step ahead of
cybercriminals by defending against a
barrage of increasingly-sophisticated
attacks at high volumes.
In Q3 of 2018 alone, FortiGuard Labs
detected 1,114 exploits per firm, each
representing an opportunity for a
cybercriminal to infiltrate a network and
exfiltrate or compromise valuable data.
What complicates this challenge further
is that the strategies and attack vectors
that cybercriminals rely on are always
evolving. It’s the classic problem of
www.intelligentciso.com
|
Issue 11
Alain Penel – Regional
VP – Fortinet
security teams having to cover every
contingency, while cybercriminals only
need to slip past defences once. Because
of this, IT teams must continuously
update their defences based on current
threat trends.
Today, IoT, mobile malware, cryptojacking
and botnets are top focuses for
cybercriminals, but they may have moved
on to new threats by Q4. With this in
mind, IT security teams have a lot of
ground to cover.
A layered approach
to cybersecurity
Many think of a layered approach to
cybersecurity in terms of technology
and tools. This means having various
security controls in place to protect
separate entryways.
For example, deploying a web
application firewall, endpoint
protections and secure email gateways,
rather than relying only on traditional
perimeter defences.
Unfortunately, there is no silver bullet
to guarantee effective security posture,
nor a single defensive mechanism that
can ensure security across modern
distributed networks. While these solutions are all part of a
layered security approach, it actually
goes well beyond deploying layers of
different security tools.
In order to defend against today’s threats,
IT teams must take a layered approach to
their cybersecurity. For cybersecurity to be effective,
organisations must also consider how
they leverage people and processes.
41