Building a Responsive & Layered Defense Strategy
In light of the recent SolarWinds hack, organizations need to be prepared to change their behavior and security approach. Whereas before, security strategies mainly centered around prevention, this incident has proven that a layered security approach is imperative.
“We’ve historically looked at, if we build high walls, we can stop things at the door and prevent attacks from occurring inside our environment,” says Thomas Jefferies, Head of IT Security. “Unfortunately, with a supply chain attack, you’re taking a trusted partner and trusted software, and that software is now a suspect.”
Battling these attacks requires a deeper understanding from every player within the environment, including trusted partners, vendors and software. Taking a layered defense approach allows for these potential threats to be monitored within the environment.
ivision recommends a few different ways to go about layered defense. Implementing proper tabletop exercises is key, testing and responding to different types of events in your environment. It’s also imperative to take vendor management seriously and conduct deep security audits of partners to make sure they are addressing any risks.
Monitoring internal software helps clients develop a deeper understanding of its use and its behavior. With that understanding, it’s easier to detect any modifications or deviations from the norm, giving your organization time to review those changes to see if they could create problems.
By bringing in vendors, partners and software you can trust, you can get back to focusing on business goals. Learn more about how ivision’s security offerings can place confidence back in your environment.