A tiered approach is the best defense

By Thomas Gourgeon, Head of International Operations, Orange Cyberdefense

Tackling the whole cyber threat landscape, I think, needs a specific approach: what I call a four-tier approach.

The first layer is the basics. It's important to get the basics right, and by this I mean user awareness: making sure staff are aware of what security threats are out there, such as phishing, social engineering, or impersonation fraud. That’s the basics.

The second layer is reactive. It's about firewalls, it's about proxies, it's about identity and access management technologies that have been out there for the last 10 years.

Governance

It’s also important to make sure that you can segregate within your infrastructure to make sure that when you're contaminated on one end of your infrastructure, it doesn’t propagate through the rest.

But first you need to have good security governance in place to make sure that you have somebody within your organization who's in charge of security, who has a budget and who has a say on the conduct of the business. When you get this right, you can put in place a proper reactive defense line.

Proactive

The third layer is proactive. You have to go beyond reactive protection and look at what's actually happening within your infrastructure. Detection is about collecting the information that's going through your infrastructure, correlating it intelligently, and building a proper response plan which can contain the attack from spreading. And, of course, this includes building a ‘back to normal’ plan.

Predictive

The top layer is predictive. Detection and response can be too late. You've been hit. So the next step is to make sure that you are more predictive, that you see what's coming along next. This is where you need threat intelligence and R&D. It is the field of security researchers.

I think that there’s a lot of learning to do and a lot of expertise needed if you want to do it right. This is why you may want to consider relying on partners rather than going down the full Do-It-Yourself route.

It’s also important to make sure that you have something that is not static but dynamic, so that you can feed the learnings from each attack into all the layers of your defense system.