Using Layered Security to Keep Warm for the Winter

With winter fast approaching, people are layering up their clothing to keep out the chill — and security teams may want to follow their lead.

For enterprise cybersecurity, winter storms come in with the holiday shopping season. It is the busiest season of the year for retailers, and it is the most distracted season for all enterprises as people rush to shop and prepare for the holidays. All this confusion makes it a favorite season for cybercriminals.

Now is the time to keep out the cyberattack chill with layered security. The goal here is to make life difficult for attackers. Even if they break through the first line of defense, they will only encounter additional defenses designed to block all types of threats.

A Multipronged Response

Once upon a time, when networks were simpler and endpoints were few, endpoint defenses such as firewalls were largely sufficient. Those days are gone. Today’s networks are far more complex and far-reaching, with endpoints extending up to the cloud and out to employees’ mobile devices — the same devices from which those employees may be hunting around unfamiliar websites for that special holiday deal. Cybercriminals know this, which is why threats multiply during this time of year.

As Myk Konrad noted on Infosec Island, today’s threats are not limited to the sort of data theft that makes the evening news. Distributed denial-of-service (DDoS) attacks can bring an e-commerce site to its knees, often for days. Attackers can also compromise communication systems to steal bandwidth, leaving the victim organization to foot the bill. One small business was hit with a $900,000 bill for calls to Somalia in 2012, according to Insurance Journal.

Unfortunately, no single wall of protection can guard against such wide-ranging threat possibilities coming from multiple directions and aimed at multiple targets. Even the term layered security, though commonly used in the cybersecurity community, fails to fully capture the security challenges and how this approach protects against them.

Layered winter clothing puts successive barriers in the way of the cold winter air. Similarly, robust security is built around strewing obstacles to block varied threats coming from all directions.

Layered Security: A Tougher Nut to Crack

Session Initiation Protocol (SIP), the basis for modern telephony systems that greatly simplified call centers and other voice operations, has become a key threat axis for attackers. Telephony denial-of-service (TDoS) attacks have become favored means of disrupting organizations and penetrating their networks. Because of interlinked infrastructures, SIP attacks can enable data theft and other disruptions.

Session border controllers (SBCs) provide a first layer of protection against SIP attacks, as well as a set of management tools. But like traditional endpoints, this is just one component of a full, multipronged security structure built to prevent today’s multidimensional threats.

No security structure provides absolute protection. But layered security, backed by policies constructed around each defensive resource, will make your organization a tougher nut for cybercriminals to crack. That’s one way to keep your holidays cheerful.

Rick Robinson is a writer and blogger, with a current 'day job' focus on the tech industry and a particular interest in...