Sustainable organizations run with a cybersecurity strategy that stands toe-to-toe with today's ever-increasing frequency and attack vectors.
Rather than starting with solutions and working backward to a strategy, use the layered approach evolving towards solutions that fill the gaps.
Think of your security needs in layers - each characterized by the type of cyber-attack commonly threatening small organizations today.
Perimeter – Think of this as the logical “edge” of your network, where potentially malicious data may enter or exit. Network appliances, network connectivity points, as well as email and web traffic all represent places that need to be secure.
User – The user plays a role when they interact with potentially malicious content; either they are an unwitting victim or play a part in stopping attacks. This makes it necessary to pay attention to the user as part of your security strategy
Endpoint – Think about both corporate and personal devices, laptops, tablets, servers, and mobile phones; every endpoint needs to be protected
Identity – Ensuring each person using a credential is the credential owner is another way to secure your data
Privilege – Limiting elevated access to corporate resources helps reduce the threat surface
Applications – These are used to access information and valuable data, so monitoring their use by those with more sensitive access makes sense
Data – Inevitably, data is the target. Watching who accesses what provides additional visibility into your environment's security