![\"\"](\"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-content\/uploads\/sites\/119\/2024\/11\/istockphoto-1420039900-1024x1024-1.jpg\")
DEFENSE IN-DEPTH DEFINED.<\/strong><\/p>\n\n\n\n According to NIST, defense in-depth is an information security strategy that integrates people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization or the application of multiple countermeasures in a layered or stepwise manner to achieve security objectives. The methodology involves layering heterogeneous security technologies in the common attack vectors to ensure that attacks missed by one technology are caught by another.<\/p>\n\n\n\n In order to have a robust security architecture, defense in-depth is must and this does not guarantee that your organisation would not experience cyber incident but it could reduce impact and all forms of cost associated with a cyber attack<\/p>\n\n\n\n The cost associated to having a robust security architecture that defends and protects the networks and assets at multiple layers, cannot be compared to the loss that an organisation can experience from just a single breach as it costs way more when you experience a breach. For example;<\/p>\n\n\n\n LONDON DRUGS RANSOMWARE ATTACK<\/strong><\/p>\n\n\n\n On April 28, 2024, London Drugs suffered a ransomware attack where cybercriminals stole sensitive data from its corporate head office. The attack led to the closure of all 79 stores across Western Canada until May 7 – more than a full week. The LockBit ransomware group was attributed with the attack that involved the exfiltration of files containing corporate information, including extensive internal records for London Drugs employees, immigration applications, sexual harassment complaints, and termination letters.<\/p>\n\n\n\n The cyberattack on London Drugs resulted in a complete shutdown of its operations, encompassing both store fronts and online services, lasting just over a week. This closure significantly disrupted services and operations across multiple provinces, including British Columbia, Alberta, Saskatchewan, and Manitoba. Pharmacy staff reportedly posted themselves outside stores to fill vital prescriptions for customers, but the impact to business operations was widespread and severe.<\/p>\n\n\n\n It remains undisclosed how London drugs was breached but certain proactive measures could have been taken to prevent this cyber incident.<\/p>\n\n\n\n Firstly, implementing robust cybersecurity protocols and regularly updating all systems are essential in safeguarding against malicious attacks. Conducting regular security audits and penetration testing, both AI-powered with cybersecurity professional oversight, can help identify vulnerabilities that hackers may exploit.<\/p>\n\n\n\n Additionally, investing in employee training programs to educate staff about phishing scams, social engineering and other common tactics used by cybercriminals can significantly reduce the risk of a breach. By employing multifactor authentication for accessing sensitive information can add an extra layer of protection to prevent unauthorized access. Having a strong incident response plan in place is also crucial so that immediate action can be taken in the event of a breach.<\/p>\n\n\n\n Collaborating with cybersecurity experts and staying informed about the latest threats in the industry can help companies stay one step ahead of potential attackers. By prioritizing cybersecurity as a fundamental aspect of their operations, organizations like London Drugs can minimize the risk of falling victim to future cyberattacks.<\/p>\n\n\n\n CONCLUSION <\/strong><\/p>\n\n\n\n In Conclusion, having a robust security defense in-depth strategy, does not guarantee your organization would not experience cyber attacks or incidents but it would help reduce negative impacts and losses and would help the organization build cyber-resilience in the face the rising Cyber attacks across the world.<\/p>\n\n\n\n References:<\/p>\n\n\n\n https:\/\/csrc.nist.gov\/glossary\/term\/defense_in_depth<\/a><\/p>\n\n\n\n https:\/\/www.varonis.com\/blog\/cybersecurity-statistics<\/a>https:\/\/globaledge2020.com\/the-london-drugs-cyberattack-2024\/<\/a><\/p>\n\n\n\n![\"\"](\"https:\/\/wpsites.ucalgary.ca\/jacobson-cpsc\/wp-content\/uploads\/sites\/119\/2024\/11\/USS-Defense-in-Depth-Graphic-v5-1024x791.png\")
<\/figure>\n\n\n\n