How Engineering Principles Can Be Applied to Reinforce Cybersecurity Measures Against Evolving Threats
The threat that cyber attacks pose to the business world is staggering. In 2022, there were over 493 million ransomware attacks detected by organizations worldwide. That equates to more than 15 attacks per second, and ransomware is just one type of attack used by cybercriminals.
Organizations that fail to prevent attacks face severe consequences. The average ransomware cost in 2022 was $4.54 million, which does not include the cost of the ransom, and experts predict the total cost of ransomware attacks for 2023 will exceed $30 billion.
As organizations seek out reliable ways to thwart attacks, many are turning to engineering principles to reinforce their cybersecurity frameworks. This approach enables cybersecurity by design rather than deploying it as an add-on to core infrastructure, which results in a more systematic, proactive, and adaptable approach than that provided by other common security solutions.
Benefits of engineering-based security
One of the key benefits of an engineering-based approach to cybersecurity is that it addresses the vulnerabilities exploited by social engineering attacks. Statistics show these types of attacks, which focus on user failure rather than system weaknesses, are the most common. Phishing — a type of social engineering attack — is the most common cyberattack overall, accounting for more than 3.4 billion spam email messages daily.
Engineering principles can safeguard against these attacks by pursuing user-centered design, since analyzing systems from a human perspective during the engineering phase allows for the introduction of features that reduce unintentional vulnerabilities. Engineering can also proactively create user environments that maximize ease of use and reduce the risk of security failures.
Social engineering vulnerabilities can also be reduced by leveraging engineering to reduce the need for user interaction. Systems can be engineered to empower an enhanced zero-trust approach to cybersecurity in which processes are automated to remove the need for human involvement.
Applying engineering principles also boosts cybersecurity by empowering a systems-oriented view. Taking a holistic, system-wide view of cybersecurity provides insights that may be missed by strategies focused on isolated components, and allows for the identification of interconnections and emerging synergies that may lead to vulnerabilities.
Approaching cybersecurity as an engineering function results in more resilient systems. Rather than just empowering reactive controls designed to repel attacks, engineering principles can empower cybersecurity controls that are resilient to attacks, even when they succeed. Resilient systems limit the negative impact of breaches and increase the speed of recovery because they can adapt their security response once breaches occur, ensuring the negative impact of attacks is minimized.
Overall, bringing an engineering perspective to cybersecurity instills more structure into the security framework. It results in systems that are more rigorous and disciplined.
Methods of applying engineering principles to cybersecurity
One primary method of applying engineering principles to cybersecurity involves taking steps to increase automation while decreasing human involvement. As mentioned, human-induced vulnerabilities are one of the key causes of cybersecurity breaches, with statistics showing that nearly 75 percent of breaches are caused by human negligence such as the failure to install a patch.
Utilizing Infrastructure-as-Code (IaC) in the development and deployment process is one approach that leverages engineering to boost cybersecurity. IaC relies on codes and scripts to manage the infrastructure environment, rather than delegating management responsibility to human agents, which reduces the risk of social engineering attacks by removing access authority from the targets of those attacks.
IaC further reduces the risk of cyberattacks by using robot agents to increase the complexity of systems. Distinct runtime accounts utilized within network-isolated environments trigger automated processes, thwarting the effectiveness of attacks like spear phishing and lateral movement techniques.
Fail-safe defaults are another security measure that can be engineered into systems to address human weaknesses. Essentially, the defaults minimize the damage from security breaches by triggering failures that limit attacker access, ensuring a line of defense will stay in place after a breach. Multi-factor authentication (MFA) is a simple fail-safe device that has become a common cybersecurity feature. Safeguards that require administrator privileges to install programs are another form of fail-safe utilized to prevent damage from malware.
Taking an engineering approach to cybersecurity also allows organizations to build defense in depth. Security controls can be engineered into systems on multiple layers, leveraging tools like encryption, firewalls, and intrusion detection systems. With this approach, a failure at one level can be mitigated by controls engineered into the next.
Compartmentalization involves engineering strategies that segment systems and networks into different zones or compartments. By restricting access to system segments, organizations can reduce threats and contain damage when breaches occur.
Cybersecurity threats are higher than ever, forcing organizations to repel a never-ending barrage of attacks or suffer serious financial and reputational damage. By leveraging the synergy between engineering and cybersecurity, organizations can develop and deploy resilient and responsive systems that address some of today’s most prevalent cyber attack strategies