Page 18 - Cyber Warnings
P. 18
Current security tools identify, detect and protect the information from getting into the hands of
unauthorized people. What happens when the user is compromised or the user is a bad actor?
What is exposed if it was an administrator of the systems? Many security tools provide the visibility
needed to protect and the infrastructure, providing way to narrow path data can travel. Focus on
the data.
Maybe Cisco is Right? The Layered Approach Does Work
CIO’s and CISO’s use security tools to narrow the path to sensitive information. To illustrate the
point, draw a picture of a round target with 7 rings the center, being the most critical part, Data.
Cisco calls this the ‘layered approach’ – the more layers around the Data, the harder it is to get at it
and compromise it.
One of the best processes which utilize this method, in my opinion, is Lockheed Martin’s method
called the “Cyber Kill Chain”. The process creates layers and alarms, when a layer is exposed it
triggers an alarm providing time to react and protect information. Would an administrator have the
ability to get to sensitive information? How long would it take for information to be taken and sent
to some other location? Why should an administrator have access to read all information?
18 Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
