Invitation to Cybersecurity

In the realm of cybersecurity, the closest thing we have to castle-like defenses may be data centers. Data centers are extremely high-value targets; therefore, they typically implement layers and layers of security. They are surrounded by prison-like fences, forcing all cars to enter through a gate that is continually monitored by a security guard. Entering the building requires another round of authentication involving multiple factors, including biometrics. Security cameras are everywhere. Once inside the building, sensitive areas are protected by even more security measures. And these are just the physical, facility-based security measures!

The idea of defense in depth is to make a hacker exert tremendous effort to overcome a barrier, only then to be confronted with another, even higher barrier. After that barrier is yet another barrier, etc. Each barrier drives up the costs of a successful attack. The higher the costs, the less likely the hacker will succeed and the more likely he will be caught. If a would-be attacker perceives that the costs of attacking a target will be too high, he will choose a different, easier target.

This principle reminds us that implementing a single defense and then thinking everything will be fine is hubris. One defensive measure is good, but two are even better, three are better still, etc. Ideally, the layers of defense are independent of one another, so they cannot fall like dominoes. Each layer takes a different creative approach to overcome. In cybersecurity the layers include many different controls and categories of security, such as physical security, access control, network security, system security, alarm systems, and more, implemented all across the people, processes, technology, and facilities of an organization.

9.1.8 Compartmentalization

“I cannot imagine any condition which would cause a ship to founder. I cannot conceive of any vital disaster happening to this vessel. Modern shipbuilding has gone beyond that.” - Captain Smith, Commander of the Titanic

The Titanic was believed to be an unsinkable ship because its hull was made up of several watertight compartments (see Figure 9.6). The theory was that if the ship was ever in a collision, only the compartments directly involved in the impact would flood, and the other compartments would provide enough buoyancy to keep the ship afloat. Tragically and ironically, on its very first voyage the Titanic struck an iceberg and sank. For various reasons, the theory did not hold up in practice. Even though it is actually a counterexample, the Titanic provides a memorable illustration of the principle of compartmentalization.

The principle of compartmentalization states that access to resources should be segmented. There are two separate benefits of compartmentalization: to limit exposure and to avoid intermingling resources that could compromise access control. Sandboxes, like the virtual machine (VM) pods used for cybersecurity labs, are a good example of using compartmentalization to both limit exposure and avoid the intermingling of resources. VMs run on top of the host operating system and provide a barrier for the
