Reference no: EM133468450
Assignment:
Part I:
In the cybersecurity world, the term "Defense in Depth" is often mentioned. Defense in Depth is the use of multiple layers of security to protect an organization (Fortinet.com, 2023). No single tool can provide complete security, and any security technology in existence today may have an as-yet-undiscovered zero-day vulnerability; understanding this helps explain why a defense-in-depth strategy is required. Examples of the layers in a defense-in-depth strategy may include:
· Firewall
· VPN
· Intrusion detection and response
· Antivirus on end-point devices
· Patch management
· Cyclical replacement of older devices that have reached end of life
· Email protection (email gateway looking for phishing attempts)
· End-user training and simulations
· File and share permissions (principle of least privilege, PoLP)
· Time-of-use settings
· Internal Security Operations Center looking for malicious behavior
· Managed Detection and Response services
· Disaster Recovery
By implementing a multi-layered approach, there is a greater likelihood of a threat being identified, blocked, and remediated prior to compromising an organization.
What are some of the security controls within the security policy that support a defense-in-depth security architecture?
Part II:
As a potential leader in cybersecurity, what are some general rules you should follow concerning information release when an incident occurs in your network?