


Engineering Defense in Depth 2.0: Securing with Intelligence

BrandPost By Sam Greengard
Jun 14, 2021, 3 mins

A cyberattack or breach is a costly experience, even more so for small and medium-sized businesses with fewer resources. Here’s how to build a layered defense.


Deeply interwoven third-party vendor relationships have fundamentally changed business. They’ve allowed organizations to establish complex supply chains and sophisticated digital capabilities. Yet, all the gain isn’t without a good deal of pain. While these frameworks transform commerce, they also complicate cybersecurity.

Today, other organizations have access to your company’s data. Consequently, risks and vulnerabilities created by a partner potentially affect everyone in the supply chain. This means that bad code or malware residing in one organization’s network can leak into others. As zero-day attacks multiply and the use of personal devices for business purposes grows, the associated risks increase dramatically.

What can small and medium-sized businesses (SMBs) do to get a handle on this situation? The most effective approach is defense in depth. It layers strategies and technology to create a more holistic cybersecurity defense fabric. This approach makes it possible to adjust and adapt rapidly to changing situations, while tapping tools that address specific risks and threats.

Defensive Thinking

Business today is all about decreasing barriers. There’s a need for people and organizations to communicate and share data like never before. However, the desire for speed and a focus on white-hot innovation paints a target on businesses.

For example, during the pandemic, Webroot witnessed a 33% rise in attacks. As workers flooded home to work and began using personal devices to connect to the office—in some cases violating company policy—the frequency and severity of attacks grew.

Those hit with ransomware paid a dear price. Many found themselves dealing with ransom requests extending into the tens of thousands of dollars. What’s more, remediation efforts were time-consuming and expensive. Webroot found that 42% of these firms spent a day or more putting all the pieces back together. The typical cost to an SMB landed somewhere between $300 and $10,000.

Despite numerous cybersecurity solutions, designing an effective defense isn’t getting easier. Over the last decade, cybercriminals have built and orchestrated malware that is more modular, evasive and difficult to stamp out. The biggest ransomware attacks are often carried out by a combination of different pieces of malware.

Getting to Defense in Depth

Establishing multiple layers of protection is at the foundation of defense in depth. In this way, if one solution or layer fails to detect an attack, another can still protect IT systems and data. For example, multi-factor authentication (MFA) reduces the risk associated with a compromised password: an attacker who holds the password still needs access to the user’s device to authenticate.

Add in tools such as robust malware detection, DNS security, a virtual private network (VPN), next-generation firewall and data encryption, and a breach becomes more difficult to pull off. An organization can further protect itself with an asset management system that can detect unauthorized devices and unusual logins. There’s also a need for consistent patching.

Defense in depth is more than a technology framework, however. Employee education and training are critical. People must learn how to recognize phishing attempts and to avoid clicking on bad links and visiting dangerous websites. This training should include drills that send fake phishing messages to employees and test their ability to react appropriately.

It’s also critical to establish a robust backup strategy along with a recovery plan for dealing with ransomware and other attacks. A good managed service provider (MSP) can help with all of these things.

Today, as cybercriminals become more ingenious and sophisticated, SMBs need to consider how to become cyber resilient. A defense-in-depth approach is a good way to build the resilience needed to withstand and recover from cyberattacks.

For more information, visit Webroot.