Pitfalls of Layered Security by Brian Contos

Layered security makes intuitive sense. Prevention only scales so far. So, you augment prevention with detection. Detection is very useful when tightly aligned with response. And response adds great value when mitigation measures lead to improvements in prevention and detection.

The reality is however, we have a bunch of security controls that are not providing the value we assume they are. It’s not that the security controls are bad or the people configuring them don’t know what they’re doing. It’s because there is more often than not no way to validate that our security products are actually performing the way we want and that configuration changes we made are actually working.

It’s a lot like the Security Jenga video below. We’re moving pieces around in the stack and adding more “buzzwords” in the hope that they’ll perform as assumed. But we often have no way of validating our security effectiveness and no configuration assurance. Eventually, much like the Security Jenga game, it all comes crashing down.

‍

‍

Without empirically knowing what’s blocking, detecting, alerting, correlating, etc., it’s impossible to measure and improve security effectiveness. This leads to increases in complexity and cost and because of a security talent shortage, there aren’t enough people to throw at all the products you are throwing at the problems.

Embrace layered security, but do so with a platform that provides you with automated and continuous measurement of security effectiveness. Check out what Verodin can do to help.