Volver a Noticias
Global Cybersecurity, the three rings of protection
2022-07-21 15:01:37
Autor: Carlos Araújo López, Consultor Senior en Ciberseguridad - CYSE (Grupo Sermicro)
When any type of organisation, whether small, large, public or private, feels the need to bring to light the cybersecurity risks it faces, it always starts by requesting the monitoring of the security mechanisms and systems it already has in place, mainly because these mechanisms are not monitored and their management is not centralised, as it trusts that these barriers will do their job.
That data, that vital information that we protect in various layers and without which the company could not survive, is what represents the inner core of the cybersecurity sphere, the reactive ring, where the protection systems that the company already has, End Point, Firewalls, NAC, WAF, DCs, etc., are monitored.
At this point, specialised consultancy is essential to detect the most critical breaches that need to be covered urgently, by analysing and correlating all the events reported by the security systems already installed.
This reactive security, so called because it reacts to incidents using technological tools, blocking malicious traffic or disabling users who show suspicious activity, makes sense for malware-based incidents, but, as we know, not all cyber-attacks are malware-based.
It is at this point that the importance of merging the company's physical security protocols and plans with cyber security and cyber intelligence activities becomes apparent, a clear convergence towards the overall security of the company by merging, in a single team, the security of people and information.
That is why our second ring, the proactive ring based on cyberintelligence tools, tries to find out what the outside world knows about our systems, what sensitive information has been leaked and could jeopardise access to them, what data is for sale on the dark web, why they are trying to clone our website to deceive users or why an important personality of our organisation is being impersonated. In short, cyber intelligence aims to anticipate and neutralise any potential threat.
Once again, there is a need for global security, because there is no point in having access exclusions to workplaces if we are neglecting digital cyber-surveillance and vice versa, cyber-surveillance is useless if we do not take care to protect people and corporate headquarters.
In addition, and to close the circle, constant prevention is extremely important, allowing us to train our skills to detect what is legitimate and what is fraudulent in cyberspace (like evacuation drills in physical security) and preventing us from letting our guard down and having an incident with unpredictable results.
This is where the preventive ring comes in, where constant training of users, by carrying out controlled phishing simulations, can prevent 80% of cyber-attacks. This prevention is also applied to the analysis of vulnerabilities in both public and private systems used by the company.
In short, global security is not a mere concept, it is the real need to unify physical security with cyber-intelligence and user training, which allows us to control all the entry points of a possible cyber-attack on our company.
Therefore, due to the natural evolution of society hand in hand with technology, we must also evolve cyber protection techniques and merge them with physical security, which is also being forced to develop new protection mechanisms in line with the times that await us.
Volver a Noticias
That data, that vital information that we protect in various layers and without which the company could not survive, is what represents the inner core of the cybersecurity sphere, the reactive ring, where the protection systems that the company already has, End Point, Firewalls, NAC, WAF, DCs, etc., are monitored.
At this point, specialised consultancy is essential to detect the most critical breaches that need to be covered urgently, by analysing and correlating all the events reported by the security systems already installed.
This reactive security, so called because it reacts to incidents using technological tools, blocking malicious traffic or disabling users who show suspicious activity, makes sense for malware-based incidents, but, as we know, not all cyber-attacks are malware-based.
It is at this point that the importance of merging the company's physical security protocols and plans with cyber security and cyber intelligence activities becomes apparent, a clear convergence towards the overall security of the company by merging, in a single team, the security of people and information.
That is why our second ring, the proactive ring based on cyberintelligence tools, tries to find out what the outside world knows about our systems, what sensitive information has been leaked and could jeopardise access to them, what data is for sale on the dark web, why they are trying to clone our website to deceive users or why an important personality of our organisation is being impersonated. In short, cyber intelligence aims to anticipate and neutralise any potential threat.
Once again, there is a need for global security, because there is no point in having access exclusions to workplaces if we are neglecting digital cyber-surveillance and vice versa, cyber-surveillance is useless if we do not take care to protect people and corporate headquarters.
In addition, and to close the circle, constant prevention is extremely important, allowing us to train our skills to detect what is legitimate and what is fraudulent in cyberspace (like evacuation drills in physical security) and preventing us from letting our guard down and having an incident with unpredictable results.
This is where the preventive ring comes in, where constant training of users, by carrying out controlled phishing simulations, can prevent 80% of cyber-attacks. This prevention is also applied to the analysis of vulnerabilities in both public and private systems used by the company.
In short, global security is not a mere concept, it is the real need to unify physical security with cyber-intelligence and user training, which allows us to control all the entry points of a possible cyber-attack on our company.
Therefore, due to the natural evolution of society hand in hand with technology, we must also evolve cyber protection techniques and merge them with physical security, which is also being forced to develop new protection mechanisms in line with the times that await us.