to mitigate them. Numerous industry best practice guides
provide detailed information. Risk assessments can be
complex and it can be easy to overstate or understate risks or
overlook vulnerabilities. Security architecture needs to scale
to meet the future needs of the business, yet be agile enough
to adapt to evolving threats.
An experienced professional will guide your assessment,
categorizing and prioritizing risks as they are identified.
Without expert help, resources may be wasted or, worse, the
system may become even more complex.
3. UNDERSTAND THE
There are three key principles to improve system security:
● To define and protect your frontiers and reduce the
● To install mechanisms to detect intrusion and mitigate
its effect. This can be complex but you should assume that
sooner or later your frontier will be breached. You must
take the necessary steps that ensure you quickly discover
any compromise and equally quickly mitigate the problem.
So you need to know if your defences have been breached
and then be able to quickly repair the damage and prevent
● To create a dynamic and evolving process.
4. DEFINE YOUR
Cybersecurity threats continually evolve so your processes
will need to do that too. Processes and procedures are only
as good as the people operating them. Automated systems
offset some of the issues caused by the boredom of repetitive
work, but they need to be checked regularly. There is
always a temptation to invent elaborate processes that look
great on paper. (Forcing people to remember 20-character
passwords that are assigned and vary weekly will simply
result in people writing them on Post-it notes!) Likewise,
the process around monitoring your frontiers has to be as
complete, but also as pain-free, as possible. Be prepared to make
regular changes as new threats evolve.
A key principle of security is to define a border or frontier
associated with the assets to be protected. Each “crossing
point” – where your system interacts with external systems
or devices – must either be the focus of protection or, where
possible, eliminated entirely. Also referred to as the electronic
perimeter, it resembles a country trying to protect its border
from unseen and potentially hostile forces. (A lot of security
language uses military metaphors.)
Systems without connection to the outside are obviously much
more secure, but entirely disconnected systems are generally
not very useful. They are also not entirely safe, as attacks
can be subtle or even launched from inside. Crossing points
can be subtle: for example, an entirely segregated server or
network is secure against direct external attack but can be
compromised through its power or air conditioning systems.
An attack surface describes the theoretical set of pathways
through which your system can be compromised, and is the sum of all
points of vulnerability. The obvious threat points are internet
and other external network connections, but there are other
potential pathways. These include base operating systems,
open-source or licensed software components and databases,
technicians’ laptops or USB devices used during routine maintenance,
and the increased uptake of BYOD in the workplace.
The core intention is to reduce the attack surface as much as
possible, then focus on reducing the remaining risks.