Melbourne, Australia, February 2020.
As anyone who’s visited the Crown Jewels at the Tower of London would immediately know, humans have been doing ‘defence in depth’ for centuries when we built castles on high ground with thick walls, moats, guards, portcullises and impregnable ‘Keeps’ at the centre, says Cyber Partners Managing Partner Tony Barnes to a packed session of the Institute of Internal Auditors in Melbourne Australia.
This strategy is basic layering of obstacles to keep safe our most valued assets from what would do harm. And as ransomware continues to multiply in complexity and sneakiness, threatening and devastating enterprises large and small, he told the group that he couldn’t help thinking that the oldest defensive strategy in the book is the right one to deploy right now.
Cyber Partners’ Tony Barnes says: “Audit and Risk professionals have such a big part to play in leading the charge and holding the line on sensitive data protection particularly in large enterprises. Protecting data is not and never has been all about IT. It’s a whole of business activity.
“Having spent the week here in Melbourne talking with business leaders and Directors in numerous forums who have experienced the nightmare of being locked out of their business operations, and those worried about being the next headline, my advice has been to think about cyber security in the same way as they thought about physical security in the middle ages.
“There isn’t much sympathy around for companies that get hit and disrupt their supply chains and customers, despite the very real complexity involved in recovery.”
Whilst there’s a cost to doing digital defence in depth, Tony adds there are aspects which cost nothing. He says: “Putting Policy, Process and Culture at the heart is essentially free”.