With the cyber threat landscape growing constantly and cyberattacks becoming more sophisticated, it is imperative for any organization to be well prepared with a clear and actionable cyber defense strategy. As noted by Chuck Robbins, Chairman and CEO at Cisco, during his keynote at the RSA Conference 2021, cybercrime caused an estimated 6 trillion USD in damage globally in 2021 (1). Furthermore, the damage caused by cybercrime globally is estimated to grow about 15% per year, reaching 10.5 USD by 2025 (2). With remote working becoming the norm in many organizations since the COVID-19 pandemic, the enterprise network perimeter has shifted, and more vulnerable points have been created. The cybersecurity strategy needs to adapt to emerging attacks.
This article proposes a security strategy that builds upon the well-established Defense-in-Depth concept, complemented by a more recent paradigm known as Zero Trust. After giving a brief overview of both concepts, we will provide more details on specific actions that, if implemented correctly, will increase your organization’s capabilities in combatting emerging cyberattacks and risks.