The Crac des Chevaliers, Syria is an excellent example of medieval fortification during the Crusader wars and is an excellent representative of the fusion of European and Asian approaches to security.
We are in a similar situation when we look at the cyber wars and the threats we face today, we need to house or organization in a secure environment, where no one can get in and even if they did they should not be able to leave our fortress with our data and other valuable digital assets.
Reference: http://whc.unesco.org/en/list/1229
Photo of the fortifications of the fort as you enter the fort
There as similar forts in other parts of the world too including in India like Daulatabad in Aurangabad, Sriringapatnam near Mysore, the Agra Fort to name a few. All these forts were never conquered by assaulting the fort or in battle all these forts fell to the invading army by treachery.
Many of our information security jargon are derived for the protection used by the old forts the more popular being firewall, demilitarized zone, demarcation of zones, access rights , passwords, two factor authentication, honeypots.
As we glean through history we will find that the weakest link has been the trusted people who aligned with the enemy either willingly or by social engineering with the enemy.
The same applies for our organizational security today; we can bring in the best security solutions but managing them and keeping the organization secure rests squarely on its people.
The CISO and his team alone cannot secure the organization; security is everyone’s business in the organization. We come across organizations where the security policies do not apply to the CEO and Senior Management, there cannot be a more blatant approach to security. Secure the Board and Executive first from cyber attacks they are the most vulnerable, securing the troops who have access to less knowledge is normally taken as the priority. The rules should be same to all since all employees are vulnerable.
Many organizations shun automated tools because they believe it does not work for them, these organizations compromise their security posture. They need to use automated tools, which generate real time alerts and MIS reports on demand and on a given frequency, provide for an audit trial and also archival of incidents and transactional data.
Every person, every device, every I/O port in the network or device is all vulnerable, so is the data, you need to secure every digital artifact in the organization whether at rest or in motion.
Companies who believe a firewall, antivirus and a 16 digit password will secure their organization need to revisit their security architecture and build it again.
One approach of doing this is by building the organizations eco system with world class information security solutions from Trend Micro addressing the organizations needs to achieve fortification (defense in depth) from modern day cyber attacks at all vulnerable areas, the network gateway, the datacenter servers - be it physical, virtualized private cloud, hybrid cloud or public cloud servers, endpoints - be it physical or virtual desktops, laptops and mobile devices, by protecting these assets, the application and the data residing on them as well. All these security solutions are powered by a unique “from the cloud” protection known as the Trend Micro Smart Protection Network™ (SPN) a cloud based infrastructure of Email, Web, File, and the latest and unique Mobile Apps Reputation technologies, these technologies have the ability to correlate threats among themselves in the cloud to provide the customer with the lasted and up to date threat protection from the cloud within the shortest time. Trend Micro SPN today handles over 70B queries, blocks over 5B threats and protects over 130M devices from the cloud on a daily basis. Above all the management of the security or your organization is simplified with combination of agent and agent less solutions based on your network environment needs and all these managed by a single management console and reporting system, so no matter where or which state you are – bet it physical, virtual or cloud, you are simply protected
http://www.trendmicro.com/us/technology-innovation/our-technology/smart-protection-network/index.html
