Maritime Cyber Security: The Wrong Formula


11/15/2017 -     WWW.MARINELINK.COM

By Scott Blough and Kyle Johnson

For many industries, cyber security is about target hardening and perimeter defense. This makes sense, as cyber security is implemented in much the same way that physical security is implemented. We often think of it in terms of the medieval castle design, which translates to defense in depth in modern vernacular. The focus on defense in depth can be explained by a simple equation:
Security = Hardened Target + Perimeter Defense
This formula makes sense, as we can see and touch perimeter defense in physical security. We have seen and are comfortable with things such as fencing, ingress and egress areas (think doors, drives, sidewalks), guard stations and cameras. We like things we can see and touch. In the cyber security world, this translates into firewalls, intrusion prevention systems, intrusion detection systems and antivirus software. Target hardening is a bit more obscure, but nonetheless, we can still see it in action in our secure facilities. We understand locked doors, escorts, "authorized access only" signs and visitor badges. For target hardening in the cyber security world, we use things such as network segmentation, air gaps and disabling certain features such as USB drive access. Even though we may not be able to physically touch it, we can see it on a network diagram and feel safe.