InfoSec Write-ups

How to Build a Strong Cybersecurity Strategy?

Dhanush N
Published in InfoSec Write-ups
4 min read · Nov 26, 2024


In the ever-evolving landscape of cybersecurity, organisations must adopt comprehensive strategies to protect sensitive data and maintain system integrity. Let’s explore some critical concepts and frameworks that serve as the backbone of modern information security, from Defence in Depth to threat modeling and incident response.


Defence in Depth: The Layered Approach

“Defence in Depth” is a multi-layered strategy that integrates varied security measures across an organisation’s systems and data. The idea is simple: multiple layers of protection create redundancy, ensuring that if one barrier is breached, others remain to safeguard the perimeter. This approach provides organisations with robust protection against diverse threats.

The CIA Triad: Cornerstone of Security Policies

The CIA Triad — Confidentiality, Integrity, and Availability — is the foundation of information security. Every security policy considers these three principles to balance protection with accessibility.

  • Confidentiality ensures data is accessed only by authorised individuals.
  • Integrity prevents unauthorised alterations to data.
  • Availability guarantees that data is accessible when needed.

[Figure: CIA Triad]

Access Management: Principles of Privileges

Access control is vital in safeguarding sensitive data. The level of access assigned depends on an individual’s role within the organisation and the sensitivity of the data in question. Two critical methodologies for managing privileges are:

  • Privileged Identity Management (PIM): Assigns access based on roles and responsibilities.
  • Privileged Access Management (PAM): Controls and audits system access rights to manage privileges effectively.

Security Models: Ensuring Confidentiality and Integrity

Bell-LaPadula Model

Designed to uphold confidentiality, the Bell-LaPadula model operates on hierarchical structures, commonly used in organisations like the military.

Key rule: “Can’t read up, can read down.”

Biba Model

The Biba model focuses on integrity, ensuring data accuracy by preventing unauthorised modifications.

Key rule: “Can read up, can’t read down.”

  • For military organisations, the Bell-LaPadula model ensures restricted access to classified information.
  • For software development, the Biba model ensures data remains untampered.
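
The two read rules quoted above, combined with the matching write rules (Bell-LaPadula "no write down", Biba "no write up", which the article does not state), as an added example that is not part of the original article. The `Label` type, the level names and the build-pipeline subjects and objects are constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):            # constructed three-level hierarchy
    LOW = 0
    MEDIUM = 1
    HIGH = 2

@dataclass(frozen=True)
class Label:
    conf: Level                  # confidentiality level, checked by Bell-LaPadula
    integ: Level                 # integrity level, checked by Biba

def blp_allows(subj: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula: no read up, no write down (protects confidentiality)."""
    if op == "read":
        return subj.conf >= obj.conf
    if op == "write":
        return subj.conf <= obj.conf
    raise ValueError(f"unknown operation: {op!r}")

def biba_allows(subj: Label, obj: Label, op: str) -> bool:
    """Biba: no read down, no write up (protects integrity)."""
    if op == "read":
        return subj.integ <= obj.integ
    if op == "write":
        return subj.integ >= obj.integ
    raise ValueError(f"unknown operation: {op!r}")

def check(subj: Label, obj: Label, op: str) -> tuple[bool, list[str]]:
    """Apply both models; return (allowed, names of the models that deny)."""
    denied = [name for name, rule in (("Bell-LaPadula", blp_allows), ("Biba", biba_allows))
              if not rule(subj, obj, op)]
    return (not denied, denied)

# Constructed build-pipeline labels (assumptions, not from the article).
CONTRIB = Label(Level.LOW, Level.LOW)      # untrusted contributor process
SIGNER = Label(Level.HIGH, Level.HIGH)     # release-signing job
PR_INPUT = Label(Level.LOW, Level.LOW)     # unreviewed pull-request content
KEYSTORE = Label(Level.HIGH, Level.HIGH)   # signing keys
RELEASE = Label(Level.LOW, Level.HIGH)     # public but trusted artefact

if __name__ == "__main__":
    cases = [("contrib read keystore", CONTRIB, KEYSTORE, "read"),
             ("contrib write release", CONTRIB, RELEASE, "write"),
             ("signer read pr_input", SIGNER, PR_INPUT, "read"),
             ("signer write release", SIGNER, RELEASE, "write"),
             ("signer read keystore", SIGNER, KEYSTORE, "read")]
    for name, s, o, op in cases:
        print(f"{name:24} -> {check(s, o, op)}")
```

Under these labels the signer's write to the release is refused by Bell-LaPadula ("no write down"), so publishing from a high-confidentiality process needs an explicit exception to the strict model.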

Threat Modelling and Incident Response: Preparing for the Unexpected

Effective cybersecurity involves proactive threat modelling, akin to workplace risk assessments. The process consists of:

  1. Preparation
  2. Identification
  3. Mitigation
  4. Review

Popular frameworks for threat modelling include:

  • STRIDE: Spoofing identity, Tampering with data, Repudiation threats, Information disclosure, Denial of Service and Elevation of privileges.
  • PASTA: Process for Attack Simulation and Threat Analysis.

Incident Response (IR)

Despite best efforts, incidents occur. Incident response ensures organisations can recover efficiently. A Computer Security Incident Response Team (CSIRT) typically handles such situations, following six phases:

  1. Preparation: Proactive measures to reduce risks.
  2. Identification: Recognising incidents as they occur.
  3. Containment: Isolating the threat.
  4. Eradication: Removing the threat from the system.
  5. Recovery: Restoring systems and data to operational status.
  6. Lessons Learned: Reflecting on the incident to improve future defences.

Key Takeaways

Defence in Depth

A layered approach ensures no single point of failure compromises your organisation’s security.

CIA Triad

Balancing Confidentiality, Integrity, and Availability is essential for robust security policies.

Access Control

Use PIM and PAM to effectively manage access based on roles and data sensitivity.

Security Models

Leverage the Bell-LaPadula and Biba models to secure confidentiality and integrity, respectively.

Threat Modelling and IR

Proactive threat assessments and efficient incident response keep your organisation resilient against cyber threats.


By integrating these principles and frameworks, organisations can build a robust cybersecurity infrastructure, ensuring they are prepared to prevent, detect, and respond to threats in an increasingly connected world.
