Today I’m starting a series of blog posts on cyber security. Before getting to various topics, I thought it could be useful to remind everyone of some of the security principles that are the most useful in helping you achieve a higher level of security, whichever technology you’re going to use.
First, cyber security has 3 core attributes whose initials form the CIA acronym:
A note on confidentiality: maintaining confidentiality is an interesting challenge today if you consider the wide use of social networks where employees have leaked information directly or indirectly about their organization (think about these companies under attack where employees tweeted en masse that their PC was not working anymore; it was easy to deduce that an attack had occurred). Add on top of that the existence of WikiLeaks and you will probably agree with me that confidentiality is harder today.
Well, before answering that question, please take a look at this picture.
If you wonder what the sentence written on the door means, here is the translation: THIS DOOR MUST ALWAYS BE KEPT CLOSED.
Now, imagine that you are trying to protect something valuable which is inside that building… and answer those questions:
Did you answer the questions? Please do before reading below.
OK. So you have probably realized that leaving this door open exposes your valuable asset. Replacing the door with a stronger one is not going to fix anything either, as the issue here is that the door is not closed, not the door itself. If you look carefully you will see that the door is equipped with a mechanism to close it automatically, which fails because a diet cola can has been put between the door and the ground… This shows that someone knew people could go through the door and not close it. So they added more technology, which was not useful, as one person put the can there and made the entire system fail…
So, in order to achieve security we need to combine 3 key elements:
The most important part is probably the processes: being organized for security, having rules and procedures (‘this door should be closed at all times’).
Then come people: making them aware of the risks, the importance of following rules and applying processes (‘this building hosts valuable assets that people entering the building could steal, read the signs asking you to close the door, close the door, don’t block the door…’).
And finally, probably the least important yet required ingredient in our recipe is technologies. Technologies are changing every day, so probably the safest long-term investment in terms of cyber security is in the processes and people dimensions. Then you should support them by applying the right technologies du jour.
So, coming back to cyber security, what do processes, people and technologies really mean? Here are some examples:
Going further there are a few security principles that are always good to have in mind:
Finally, what is the most difficult: to attack or to defend?
Well, it’s to defend! And it’s famously known as the defender’s dilemma: a defender needs to protect everything to the right level while the attacker only needs to exploit ONE weakness to compromise the enterprise. So now you know where the real heroes are!
Stay tuned for the next post in the series. Looking forward to hearing your thoughts.