If you are familiar with the cybersecurity world, you may have noticed an explosion of new vendors and tools on the market. The terminology and the ever-changing volume of acronyms can get confusing very quickly. To try to understand the big picture, I like to break the strategy, risks, and responses down into the Cyber Onion. This approach thinks about risk and response at different levels, then applies tools and strategies appropriate to each level of risk.
The outer layer contains your organization's Residual Risk: the risk that remains no matter what controls you put in place to identify and eliminate risk. Attackers will always attempt an attack, and internal employees will always be prone to human error.
Risk identification and analysis proactively identifies internal and external attack vectors, creates awareness of them, and defines response strategies for them.
Examples include:
Risk detection, response, and mitigation. These tools react to triggers for identified abnormal behaviour in your organization. Many have automated response mechanisms and can contain an attack, stopping it from spreading further once it has begun. Examples include:
The day-to-day continuous monitoring and management of risks, policies, programs, training and tools, to ensure your organization meets an expected baseline standard of cyber security. Risk appetites can be defined here, along with what counts as normal and abnormal behaviour.
Examples include:
Lynsey Dunn is an IAM Consultant and Certified Okta Consultant at Distology Studios, bringing extensive Risk Analyst experience from previous positions at Deutsche Bank and Morgan Stanley.