Most people assume cybersecurity controls require high-tech solutions such as deep packet inspection, non-reversible encryption, biometric authentication with time-of-day usage permissions, sandboxes to validate the behavior of unknown executables, event correlation across various log sources to trace network traffic, data leakage detection, etc.

Yes, to some degree these are true and required. But controls must be deployed correctly to minimize the attack surface and to avoid affecting other existing controls. Further, resources are always limited in the real world, so we have to deploy optimal controls. Examples are:

  • Preventive control – building a separation between opposing lanes is costly
  • Detective control – a traffic camera is less costly but requires a process to review events
  • Administrative control – double solid white lines are the most cost-effective control

Notwithstanding all these control types, behind the scenes they must be enforceable by regulations that impose consequences for violations.