SECTION 3FUNDAMENTAL STRATEGIES:PROVEN STRATEGIES THAT DON'T LET US DOWN
The intractable shortcomings and inherent challenges of authentication continue to provide a large opportunity for cybercrime. Until we can solve the authentication problem once and for all—effectively authenticating people to machines, software to hardware, processes to operating systems, and more—we will forever be compensating for this vulnerability with other essential strategies and mechanisms.
In the meantime, all is not lost. Cryptography, high-fidelity access control, and agile macro- and micro-segmentation can provide a substantial amount of cybersecurity. Each of these strategies is in a constant, rapid process of evolution and iteration to keep pace with the increasing sophistication of risks. All three have proven to be impressively resilient defenses against even the most skillful attacks. Encryption, based on hard-to-solve mathematical principles, is often used to help weed out people who try to falsely authenticate. Access control limits people to only the assets they need to do their jobs. Segmentation, based on well-constructed computer science implemented in firewalls, is used to put extra security around assets, since no one has successfully invented an impenetrable guard.
There are interrelationships among cryptography, access control, and segmentation that compensate for less-than-ideal ...