A lot has changed since the creation of the Open Systems Interconnection (OSI) model. The OSI model dates back to the mid-1970s, designed to serve as a common basis for system interconnection and networking. It has been very useful in that regard, but we have to be aware a lot has changed since its inception. The greatest disrupter to this model is cloud computing. With that said, there is still value in the OSI model and how to reduce risk in each layer, as many of our systems today still rely on its design.

What Is the OSI Application Layer?

As the name suggests, the application layer is designed to serve the end user. It is the layer most users will know and see even if they aren’t familiar with the rest of the OSI model layers. All types of services, such as mail and file transfers, happen here. It covers your web browsers, software and almost anything you see on your screen. To be clear, the applications themselves are not always part of this layer, but the services they offer are.

Cybersecurity Threats to the Application Layer

This list can be exhaustive if you start listing all of the different types of malware, because all viruses, worms, key loggers and Trojans do their damage to this part of the OSI model. This is where user ID and password sniffing happen. It’s also where user error happens. That means this is the widest surface area for attacks to happen. Steal data? Yep. Edit data? Of course! Crash an app? For sure! Take down a network? Yes.

Preventing attacks and cutting down on risk at this layer is where most cybersecurity and information security workers spend their time. It’s also what wears them out.

As we have noted before, addressing these issues with the OSI model in mind is more than just tech skills. It’s about behavior, design, knowing business processes and cost resilience. It even involves being aware of the value of our data throughout the life cycle, making it all a risk management issue.

Moving Forward on the OSI Model Journey

The OSI model was not designed with security in mind; as mentioned, it was designed to explain interconnectivity. But the OSI model does allow us to pinpoint where security issues lie. For example, a threat actor — depending on their level of technical expertise — can cause much more damage to the network at the physical level than at the application level if identity and management (IAM) controls are not in place. On the other hand, if your team is guilty of bad coding practices, you can focus in on strengthening your presentation layer.

In other words, use the OSI model as a tool to help you identify where attackers could find a foothold. Fixing the problem can be a whole lot easier if you know where to look.

More from Mobile Security

Juice jacking: Is it a real issue or media hype?

4 min read - You get off a flight and realize your phone is almost out of battery, which will make getting an Uber at your destination a bit challenging. Then you see it — a public charging station at the next gate like a pot of gold at the end of the rainbow. As you run rom-com style to the USB port, you may briefly wonder if it’s actually safe from a cybersecurity perspective to plug in your phone. The answer is technically…

Third-party app stores could be a red flag for iOS security

4 min read - Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…

A view into Web(View) attacks in Android

9 min read - James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today