7 layers of Cybersecurity Tradition / Ritual in Wojny hybrydowe | World Anvil

7 layers of Cybersecurity

"Sus, you told me to prepare for the lesson on cybersecurity and now we're in a fucking cake shop. What the fuck is that?!"
"Cakes have layers and cybersecurity has layers. Plus I wanted to try their new Summer Rainbow and the coffee here is the best!" She well understood the benefits of talking boring subjects with something good to eat and connect to. Kali would have to learn it, bite after bite.

Introduction

Cybersecurity is a concept for maintaining safety in cyberspace. Over time many models have been tested, and several function simultaneously, forming a tradition of sorts. One of them describes cybersecurity through a seven-layer model. From the outermost layer inward, the layers are the following:

  1. Human Layer
  2. Perimeter Layer
  3. Network Layer
  4. Endpoint Layer
  5. Application Layer
  6. Data Layer
  7. Mission Critical Assets

Human Layer — soft and fragile

The Human Layer is, ironically, the easiest target, and most people fall for a social engineering trick, a phishing attack or a combination of both. Technically the model places the Human Layer outermost, but in reality one should always consider it entangled in every other layer. After all, there always exists a person with sufficient privileges to get inside all of the other layers. This means that no matter how good and elaborate the system's defense mechanisms are, there is always a human layer/link that is prone to classical attacks, e.g., phishing, vishing, smishing.

Perimeter — the surrounding grounds

The second layer is all that directly surrounds the potentially attackable place. It can be anything from the physical fence of the company to the office space, to immaterial things such as the nearest layer of the inner network. If a bad actor gets through the perimeter, they will be considered inside the company, with the potential to do harm. Getting through the second layer means bypassing a gate of sorts, whether a physical gate or a digital one.

Network — the bigger picture

This layer holds the entire design of the network connections in the company, or the connections a person has. It is not just a single outermost point, like one computer or a printer, and it is not a gate. In contrast to the second layer, it is more like the entire web connecting every single piece of infrastructure. Physically speaking, we are talking about corridors, floors, staircases, lifts. Digitally these are all types of LANs, Wi-Fi networks, VPNs, Bluetooth networks, etc. A bad actor entering the Network layer can be dangerous because of all the possible connections that are now technically visible to them, even if not accessible.

Endpoint —

Every floor is often divided into rooms, as are corridors. The Endpoint layer consists of all the ends of the network connections in the building or in the digital space. From an application standpoint, an endpoint is important because of the calls the app makes to create, receive, update or delete data. A person holding access to a given endpoint has some power over the information being transferred, even if their permission level is not high enough to permit full access to the data. This layer is especially dangerous in situations where the endpoints are not publicly available, e.g., APIs of the operating systems. Each endpoint should be well locked and protected from possible bad actors.

Application —

A set of endpoints makes an application — a hub for transferring, modifying and presenting information to the end user. A control panel is a good example, as is the Graphical User Interface (GUI). An application is a proxy between the user and the system, so the person controlling it holds some control over the system. As a combination of endpoints, networks and several other elements, applications are the most complex parts of the system and should be patched regularly. An updated system is typically much less vulnerable than an old one.

Data —

Some data are important, some are not. In all cases access to the data should be kept very restricted, and in all cases backups should be made. In many companies simply backing up the data is often not enough — it is always a good idea to encrypt the hard drives. That way, even if a bad actor holds control of the data, it will still remain useless to them without the password.

Critical assets — the center piece

The critical assets are whatever the company or a person considers dearest to them, and without which "the game is over". For a company this will be anything that gives it the edge over other companies and provides a source of income. It can be a physical thing, like a recipe, a document or a hard drive, but also an immaterial thing, like an idea that one keeps only to oneself.


Cover image: by MidJourney
