BY TERRENCE GRIFFIN
As sophistication in cyber fraud continues to grow, credit unions must ramp up their lines of defense. Defense in Depth provides multiple layers of security to attack fraud at all levels and from every direction. Read on to see how this military-inspired approach can work for your CU.
As hackers and fraudsters become more creative and determined, credit unions must respond with more sophisticated and exhaustive cybersecurity defensive programs. Only in this way can they counter fraud in all of its pernicious forms.
One approach is known as Defense in Depth. The idea is to defend a system against an attack using several independent methods. This model layers multiple security controls and barriers such as firewalls, wireless and data leak protections, and identity management that provide collaborative redundancy. If one control fails, another control is there to take its place and protect the system. Thus cyber attackers are delayed and detected before they can do serious damage.
The concept of Defense in Depth comes from the military – and how appropriate. Having a solid defense to protect a financial institution’s cyber system is, to that institution, on par in many ways with our military’s mission to keep our nation secure.
Among the more widely cited expositions of Defense in Depth are the “CIS Critical Security Controls” (PDF). This document provides the Center for Internet Security’s 2016 formulation of 20 security layers ranging from governance to business continuity/disaster recovery.