Protection Comes In Layers
Dr. Jim Marquardson, Assistant Professor
"The British Crown Jewels sit in the Jewel House in the Tower of London on the banks of the River Thames. They are protected by several independent security measures—a technique known as defense in depth. First, the entire complex is surrounded by a moat. On the outer walls, guards stand watch for ambitious swimmers. Access through the outer walls is restricted to a few guarded gates. Famously stoic (and highly competent) guards parade the inner grounds. The Jewel House is littered with cameras. The jewels themselves sit behind bomb proof glass. Alone, none of these measures would prevent the theft of the jewels, but together they create a nearly foolproof security solution.
Similar to how the Crown Jewels are protected, those who defend systems from hackers must employ several layers of defense to ensure that systems and data remain secure. These layers include applying monthly operating system updates, ensuring that secure passwords are used, training people to recognize phishing emails, monitoring system usage, making sure that people have appropriate system-level permissions and much more. When a defensive in depth strategy is used appropriately, a hacker might be able to circumvent one layer of security but still be unable to do any damage.
Training at the Upper Peninsula Cyber Institute teaches people about the many parts of modern information systems and how they can be protected. Cybersecurity professionals must be able to assess the security of physical facilities, computer networks, operating systems, and software. They must be able to assess risk and create plans for responding to risk. Professionals must work within organizations to create effective programs that help achieve their organizations’ missions while protecting assets at an acceptable cost. It is a daunting task that requires cybersecurity professionals to keep learning and adapting. The Upper Peninsula Cybersecurity Institute is here to help ensure that relevant training is available to everybody who needs it."
Dr. Jim Marquardson is an Assistant Professor of Information Assurance and Cyber Defense in the College of Business at Northern Michigan University. Dr. Marquardson earned his PhD from the University of Arizona in 2015, the same year he joined the NMU faculty. His professional experience includes working for Zions Bank and ExxonMobil.