Three basic elements of cybersecurity, which are also known as the foundation or cornerstones of cybersecurity, are by far the most effective and simple measures to protect organizations and infrastructure against cyber threats. Without these basic elements, the implementation of more advanced concepts like ZERO trust are not possible, and in fact, don’t make any sense.
Patch Management – Ensure that available patches are distributed and applied without delays, and also ensure that no device or app without the necessary patches is in use.
Segmentation & Segregation – Create segments of the infrastructure which have autonomous capabilities to validate access rights and privileges, and execute cyber measures. Enforce segregation of functional and elevated privileges, also know as segregation of duties and privileges.
Identity & Access Control – Enforce holistic validation and control of physical and digital access rights and privileges throughout the organization and infrastructure. Create the foundation of zero trust by eliminating every form of explicit trust in access rights and privileges.
And yet, despite being highly effective and relatively simple compared to other cybersecurity measures, we still see that a significant number of cyber incidents are made possible by failing in these basic elements. See the full report on The Human Element in Cyber Security for more details.
Dr. ir Johannes Drooghaag – CEO Spearhead Management