The cyber world is built by connecting different systems and devices via the information highway. Therefore, the key cybersecurity element is to establish the perimeter.

In the physical world, port control is the location perimeter. You need to go through immigration and bag scanning at customs before you and your accompanying goods are permitted entry. Some countries also require going through immigration before exit. This is easily visualized.

In the cyber world, controls at the network perimeter need precise directives (or policies) so that new components or functions comply with the rules when they are added.

That said, the policy must be precise. Most often, the term “connection” is unclear and needs clarification.

Using the ISO 7-layer concept, network cables are always physically connected to the network devices. In certain cases, if a network-based IPS or IDS is deployed, it needs to collect mirrored traffic from network devices all over the network, even if these network segments are zoned by design. The “actual” connection takes place at layers 3-7, with different types of link and protocol.

Besides IP networks, there are other connection types such as analogue or dry contact (a simple on/off status).

It would be premature to stipulate in a directive statement which connection types are allowed and which require controls. For example, a dry contact itself is not vulnerable to cyber attack, but we should look at how it is controlled and what the consequence is if the on/off operation is triggered. A holistic risk assessment of the entire system landscape is required.
