strategiC Vulnerabilities 295
threat level of any vulnerability in this zone versus in others.
Although the assets themselves may not have as much value,
the damage to the company’s reputation and public image can
be difficult to repair.
Keep the aperture of attack small on targets handling criti-•
cal data. Database servers are a good example. ey contain
information critical to the organization, and therefore should
be kept in their own defensive zone. is zone should restrict
traffic to the bare minimum required. Additional security
devices can keep the systems and data safe while the remedies
to zero-day attacks surface.
Use mutually supporting defenses. Similar to the establish-•
ment of zones, the security features of a particular ...