fbpx
Defence in Depth

Defence in Depth Part 4 Overview

If you have been following our posts on Defence in Depth you will be gaining an understanding of some of the products and services we can provide. This article is about the layers that need to be addressed in order to meet your Cyber Security goals. At the bottom of the article there are links to our previous posts.

Cyber security is the practice of protecting information systems and networks from cyber threats. Cyber security can be divided into different layers, each with its own objectives and challenges. The following are some of the common layers of cyber security:

  • Physical layer: This layer refers to the protection of the hardware and devices that store or transmit data, such as servers, routers, laptops, smartphones, etc. Physical security measures include locks, alarms, cameras, biometric scanners, etc. The main goal of this layer is to prevent unauthorised access, theft, damage, or destruction of the physical assets.

  • Network layer: This layer refers to the protection of the communication channels and protocols that enable data exchange between devices and systems, such as the internet, VPN, Wi-Fi, Bluetooth, etc. Network security measures include firewalls, encryption, authentication, VPNs, IDS/IPS, etc. The main goal of this layer is to prevent interception, modification, or disruption of the data whilst it is in transit.

  • Application layer: This layer refers to the protection of the software and applications that run on the devices and systems, such as operating systems like Windows 11 or Mac IOS, browsers, email clients, databases, etc. Application security measures include antivirus, antimalware, patches, updates, code reviews, penetration testing, etc. The main goal of this layer is to prevent exploitation, injection, or execution of malicious code or commands that can infiltrate your organisation.

  • Data layer: This layer refers to the protection of the information and content that is stored or processed by the devices and systems, such as personal data, financial data, intellectual property, etc. Data security measures include encryption, hashing, backup, recovery, access control, audit logs, etc. The main goal of this layer is to prevent leakage, loss, alteration, or deletion of the data.

  • User layer: This layer refers to the protection of the human actors who interact with the devices and systems, such as employees, customers, partners, etc. User security measures include awareness training, policies, procedures, guidelines, etc. The main goal of this layer is to prevent human errors or negligence that may compromise cyber security. We offer courses on this, if you want to know more about how we can train and protect your systems please get in touch.

Defence in Depth previous articles.

Part 1, Part 2, Part 3

Martin Mayes – by-line and other articles

Photo by Robert Golebiewski: