We are digitizing society at an ever faster pace. Existing services and processes become digital, and at the same time, entirely new services are established, often built on existing infrastructure.
Conscia Blueprints – Security is a set of best practices and advice to support a defensible infrastructure. Conscia works with some of the biggest customers in Europe across sectors (health, energy, public), and infrastructure is in our blood. In our work to secure our customers, we have gathered a lot of experience in what works (and doesn’t work), how it scales, and what effect the various security measures have. We want to share this – with everyone.
Today’s threat picture is predominantly dark in tone. Criminal organizations have succeeded in the last ten years, especially with ransomware. Nation-states sponsor digital espionage and sabotage, and a great deal of work is going on in social media to influence and manipulate people. But together, we are strong, and we hope this document will help those of you who build the infrastructure that enables our digital everyday life.
Central to the concept of a defensible infrastructure is threat information – the knowledge of how the various actors operate when they attempt to misuse our digital resources. Some of this information will be common to most companies (think ransomware), while some is more pointed and sector-specific.
Smaller companies gain access to this information via partners and suppliers, while larger companies have security teams that can create customized threat information based on observations in their environment. Regardless of where you get the threat information from, a defensible infrastructure will use this throughout the entire life cycle of an infrastructure. You can sign up for our weekly ThreatInsights newsletter here.
This cycle is divided into four phases:
The purpose of this document is to provide an overview of our approach to a defensible infrastructure. We want to keep this product- and manufacturer-independent, so concrete ways to solve certain aspects will be absent here. Solving this technically will depend on the individual’s environment and expertise.
We will provide answers in our whitepaper Conscia Blueprints – Security.
Please fill out the form below, and we will send the PDF to the email address you provide.