Cohesity and Veritas have joined forces!
See why this is a game changer for the data security space.
Defense in depth—or layered security—is an IT data protection and security strategy using hardware, software, people, and processes to mitigate threats such as ransomware and disasters.
It inherently incorporates redundancy, enabling organizations to prevent any single point of digital failure. According to the U.S. National Institute of Standards and Technology (NIST), defense-in-depth security establishes “variable barriers across multiple layers and dimensions of the organization,” ensuring that attacks or disturbances missed by one layer are caught by another. Because no single technology, person, or team can protect all organizations and their data from every threat or human error it may face, it’s now incumbent upon leaders to invest in layered security to empower their organizations to maintain cyber resilience.
Layered security works by putting multiple security measures between an attacker or threat and an organization’s computing systems and data assets.
Picture seven individual security layers deployed in concentric circles around an organization’s data, each layer in the image offering a strong, yet unique defensive blockade. The goal of each is to limit what a disruptive event or attacker can accomplish, even if it gains access to that layer.
Layered security defense is often compared to a medieval castle because anyone wanting to penetrate the castle had to get past multiple safeguards: the moat, ramparts, drawbridge, high towers, and archers.
Layered security is necessary for multiple reasons. First, a growing number of employees are accessing their organization’s network and data from a variety of locations as part of a remote or connected workforce. As a result, many more conduits are available for non-authorized and non-essential parties to access an organization’s sensitive data. In addition, cyber threats such as ransomware continue to evolve. Not long ago, cybercriminals would delete an organization’s backup data and encrypt the production data. They then held organizations hostage in a sense, refusing to release the data until a ransom was paid.
In the latest version of ransomware, cybercriminals deploy a double-extortion scheme, encrypting an organization’s production and backup data while simultaneously stealing its confidential data. They then threaten to publish this data on the dark web unless the organization pays a ransom.
Simply put, if one security barrier fails to block a disruption or security breach, another layer of security is available to block it. This type of redundancy means organizations can compensate for any weaknesses in one security control or method. It also means enterprises are better protected against many disruptions and threats.
Organizations adding defense-in-depth capabilities can boost business outcomes, including the following:
Organizations implementing defense-in-depth strategies will want to put in place specific types of defense-in-depth protections at each of the seven security layers. These may vary by organization, depending on business needs and compliance requirements.
Layer 1: Human — The best protection at this layer is for organizations to cultivate a culture in which employees know what they can and should do to practice and enforce strict cybersecurity. Policies, procedures, and security awareness training about storing and accessing data are essential at this layer. These are commonly bolstered by security measures such as administrative controls, role-based access controls (RBAC), single sign-on (SSO), and multifactor authentication (MFA).
Layer 2: Physical — At this layer, teams add protection against unauthorized physical access to assets such as buildings, manufacturing plants, and data centers. These protections may include security guards, biometrics, fire suppression, and more.
Layer 3: Perimeter — Organizations seeking to better safeguard against unauthorized digital access at the vulnerable perimeter often add a next-generation firewall, conduct vulnerability and penetration testing, add denial-of-service prevention solutions, and more.
Layer 4: Internal network security — At this layer, security teams set out to bolster the protection of the organization’s internal network infrastructure such as adding encryption for data in-transit, outbound web filtering, four eyes (or two people) root-level system changes, micro-segmentation, and more.
Layer 5: Host — At the host layer, organizations rely on the platform operating system and workload protections such as automated patching and endpoint antivirus and malware detection.
Layer 6: Applications — At this sensitive layer, organizations add even more granular security, including artificial intelligence- and machine learning-powered (AI/ML) anomaly detection, the principle of least privilege, data encryption and key management, as well as application logging.
Layer 7: Data — Organizations protect their most important asset in the digital era—their data—by adding AI-powered detection, strong security access controls, encryption of data at rest, and by separating the data layer from the rest of the infrastructure.
A defense-in-depth strategy inherently incorporates redundancy, enabling organizations to prevent any single point of failure in their digital environment. Layered security, in addition to automation and AI/ML, also helps identify anomalies before they negatively impact user experiences. By layering in a series of defensive mechanisms, organizations enhance the security of their overall systems, applications, networks, and infrastructures—and increase the chances of protecting valuable data from unauthorized access. With a defense-in-depth strategy, businesses also reduce the likelihood of paying ransom, losing revenue, undermining customer loyalty, and compromising brand trust.
As ransomware attacks become more sophisticated and intrusive, the amount of ransom demanded and overall costs associated with them are increasing significantly. As a result, more organizations are adopting Zero Trust data security strategies. This approach only grants access to an organization’s users, assets, and resources once the identity and authenticity of that person, system, network, or service can be validated.
While Zero Trust data security is important, a multilayered, defense-in-depth strategy going beyond it is also required to protect data in today’s dynamic, digital business world. Cohesity empowers organizations to safeguard their data in line with a defense-in-depth strategy.
By incorporating four key pillars, the Cohesity Threat Defense architecture keeps organizations ahead of cybercriminals and threats and helps prevent disruption due to unexpected events.
Cohesity’s multilayered data security architecture enables a defense-in-depth security strategy for any organization looking to boost cyber resilience.
