In the May edition of the Australian Defence Magazine, Cogito Group have a two page article titled ‘The changing face of cyber protection’.

In this article we talk about the ‘castle defence’ strategy and how this has long been the traditional means by which organisations have protected their data.

“In a rapidly changing landscape, the trusted insider threat (Snowden) and Bring Your Own Device are but a few examples that highlight although border protection is still important, a comprehensive, layered approach to security and authentication is essential.”

The new look castle

“Boundary protection (the firewall) will always play a significant part in cyber security. The firewall sits at the most critically important place in the network and needs to have a centralised point of visibility and control over everything entering and leaving the network.”

“The next generation firewalls work on the premise that identity is key: application identification; user identification; content identification.”

Identity is Key

“The growth of the internet and ever increasing connectivity of people and devices has meant the definition of managing identities has grown. It’s no longer simply about just managing the identity of people accessing services. Organisations now need to gain an understanding of the relationships it has with identities. A good identity solution is designed to handle complexity. It provides Adaptive Access Management. It knows the relationship between identities and can use this and other information to make dynamic decisions based on set rules. An example is that it may know when an identity is logging in from a different device, area or region and may challenge for additional authentication.”

Multi-factor Authentication

“The ASD website states, Multi-Factor Authentication (MFA) remains one of the most effective methods an agency can use to prevent a cyber-intruder from gaining access to and propagating that access throughout the network accessing sensitive information.”

Encryption

“Once data is encrypted this data can continue to pass through systems transparently, and be persistently available for decryption by authorized users. Administrators no longer need full access to everything, encryption technologies allow them to back-up and restore the data without access to the unencrypted data. Data is secure throughout its lifecycle and it’s seamless so use may not even know the data is encrypted.”

Click here for a link to the full article.