Analogy of control types in Cybersecurity

October 8, 2022

Cybersecurity layers of protection

I’ve said that adding more layers of security may make your data safer in order to clarify why we need firewalls, antivirus software, and passwords in addition to security solutions (if done right). Making a hacker clear as many hurdles as you can before they can access your sensitive data will lower your risk.

Here, locking up the royal jewels is the parallel. Then you close the lockable chest that is enclosed in the vault and place the box inside. If you want to take the comparison a step further, you might imagine everything as being contained inside a fortress that is encircled by castle walls and all of which is guarded by a moat.

Putting extra security measures in place might make it more difficult for the wrong individuals to access your sensitive data, even if a hacker manages to get past one tier of defense. Because of this, you often need to go through numerous stages, such as inputting a password to access your computer, another one to access a particular program or service, and then utilizing 2-factor authentication to confirm your identity.

Cybersecurity arms race

When it comes to cybersecurity, both sides are continually improving their weapons and defenses, much as in an arms race. You must constantly improve your security plan or you risk falling behind the pack while using a sword and shield to fend off fighter jets.

On the one hand, hackers are continuously developing new phishing tactics, making new and more deadly varieties of malware, constructing traps for victims to fall into, and looking for new weaknesses to attack.

On the other hand, in order to avoid becoming a victim of new threats, the good guys need to create safeguards against them, update security software definition files continuously, patch software and operating systems on a regular basis, be vigilant online and inform everyone in their organization about them.

Your primary email holds the keys to many other accounts

Recently, we had to explain to a computer newbie why hackers may potentially access other accounts tied to the main email account if they get access to it (banking, shopping, secondary email accounts, etc.).

The analogy we used to make everything make sense was as follows: Assume that your family members dwell in several homes, and you store the keys to each location at your principal household. If someone breaks into the main home, they may enter the other residences as well since they have access to all the keys. You must thus replace the locks at every residence if you want to be secure; otherwise, you risk another break-in.

This entails updating any account passwords that are connected to your main email address in the real world. Make sure that no one has tampered with your associated cellphone numbers, backup email addresses, and security questions across all of your accounts, since these are additional entry points the bad guys may use even if the primary passwords are changed.

Call +1 416-471-4545 or go to https://www.cybercert.ca/ to receive your 25% discount on all cyber security courses.

Sam Fareed

Lead Instructor qualified in CISSP, CCIE, and MCT with 25 years of training experience in Toronto.