Let's remember the main objective of cyber security, which could be defined as: protecting the company's business and data.
We can say that this objective has no definite end in time, so we must work in an iterative and agile way.
Finally, we can also say that today the advantage is with the attackers (opportunities offered by vulnerabilities, the element of surprise, means), which means that we must also be reactive and monitor our security posture in real time.
So an essential mantra for someone working in cyber security is:
preparedness - agility - resilience.
We cannot achieve our goals without methodology, and it is the basics of these methodologies that we will discover in this lesson.
Defense in Depth is a concept inherited from the military world (as is often the case in cyber security), which implements different independent and overlapping defense mechanisms to improve the overall level of protection.
We can keep in mind the image of a medieval fortress, where the keep was itself fortified (armored door, pits, very high walls, very narrow stairs). The keep was in turn surrounded by very high walls, with a covered way and loopholes. These walls were themselves surrounded by very deep moats. Finally, the castle was built in a place that favored the defense, for example on top of a hill.
Defense in depth consists of some important concepts:
"Zero trust" is a cyber security concept that brings together many of the best practices already discussed in this course.
This concept aims to correct some of the weaknesses that protection mechanisms have had in the past by placing too much trust in certain elements.
💡 For example: it was commonly accepted in the past that a workstation connecting to the corporate network was necessarily a legitimate workstation.
The "zero trust" concept is based on three main pillars:
To go further, please consult the ANSSI document: Scientific and technical advice: the Zero Trust model
Overall, it is difficult to have security that relies entirely on obscurity. It is regularly observed that the public release of source code or cryptographic algorithms allows researchers to find vulnerabilities and correct them for the benefit of all.
Instead, we need to integrate obscurity into our security management without making it an end in itself.
As we have just seen, our cyber security approach must be methodical and involves many essential concepts. This is why, to make our daily work easier, we can rely on reference frameworks, which summarize the best practices and methodologies. There are many such frameworks, and most of the time we will implement several of them to reach our objectives and respect the principle of defense in depth.
Depending on the type of activity, here are some of the most recognized cyber security standards:
💡 For example, we can follow the ISO 27002 standard for our cyber security governance, use the EBIOS RM standard for our risk management, and follow several standards such as the CIS Benchmark for all technical measures to be implemented.
For some of the standards we have just discussed, it is possible to be audited so that a third party determines our level of compliance with the standard, and gives us a certificate attesting to it.
While certification should not be an end in itself, a certification process can have benefits:
In this lesson, we discovered that knowing the essential principles of cyber security and applying the right methodology to implement an effective, continuous security approach are paramount.
To help us achieve this goal, we can count on reference frameworks, which guide us in the adoption of a cyber security posture (governance, prevention).
Once we have adopted our posture, we can again rely on these frameworks to help us follow good operational practices (risk reduction, monitoring, resilience).