In March 2022, Okta confirmed that the Lapsus$ threat actor group had breached a third-party support engineer's laptop and accessed internal systems. The attack didn't exploit some exotic zero-day vulnerability. It started with compromised credentials — a single point of failure in what should have been a layered defense. This is the reality of computer security security in 2022: one weak layer and the whole stack crumbles.

If you're reading this, you're probably trying to figure out what actually works. Not the marketing fluff from vendors. Not the theoretical frameworks nobody implements. The practical, layered defenses that stop real threat actors from turning your organization into the next headline. That's exactly what we're covering here.

Why "Computer Security Security" Isn't Redundant — It's the Point

The phrase sounds awkward, but it captures something important. Computer security itself needs securing. Your firewall needs proper configuration. Your antivirus needs updates. Your security policies need enforcement. Your people need training. It's security all the way down.

The Verizon 2022 Data Breach Investigations Report found that 82% of breaches involved a human element — including social engineering, errors, and misuse. That means your technical controls, no matter how sophisticated, are only as strong as the people operating them. You can't just secure computers. You have to secure the security.

This is the mindset shift that separates organizations that survive incidents from those that end up paying seven-figure ransomware demands.

The $4.88M Lesson Most Organizations Learn Too Late

IBM's Cost of a Data Breach Report 2022 pegged the average breach cost at $4.35 million globally — and $9.44 million in the United States. Those numbers aren't abstract. They include forensic investigation, legal fees, regulatory fines, customer notification, and the brand damage that lingers for years.

Here's what I've seen repeatedly: organizations invest heavily in one layer and neglect everything else. They'll buy a next-gen firewall and skip security awareness training. They'll deploy endpoint detection but never run a phishing simulation. They'll write a 200-page security policy that no employee has ever read.

Effective computer security security means no single layer carries all the weight. When one fails — and it will — the next layer catches the threat.

The Six Layers That Actually Stop Attacks

I've spent years watching what works and what doesn't. These six layers, implemented properly, will handle the vast majority of threats your organization faces in 2022.

Layer 1: Identity and Access Management

Credential theft remains the top initial attack vector. The Lapsus$ group didn't need malware — they bought credentials. Multi-factor authentication (MFA) is non-negotiable. Every account. Every application. No exceptions for executives.

Deploy MFA with hardware tokens or authenticator apps, not SMS. SIM-swapping attacks have made SMS-based MFA dangerously unreliable. If you're still using passwords alone, you're essentially leaving the front door open with a welcome mat.

Layer 2: Network Segmentation and Zero Trust

The old castle-and-moat approach is dead. Zero trust assumes every user, device, and connection is potentially compromised. That means verifying every access request, limiting lateral movement, and enforcing least-privilege access across your network.

In my experience, most small and mid-sized organizations have flat networks. One compromised workstation gives a threat actor access to everything — file servers, databases, admin consoles. Segment your network. Restrict access by role. Monitor east-west traffic, not just north-south.

Layer 3: Endpoint Detection and Response (EDR)

Traditional antivirus relies on signature matching. It catches known threats. EDR watches behavior. When ransomware starts encrypting files, EDR can detect the anomalous file system activity and kill the process before it spreads.

This is the layer that saved Colonial Pipeline from total destruction in May 2021. They detected the attack quickly enough to isolate systems — though not quickly enough to avoid paying a $4.4 million ransom. Earlier detection would have changed that equation entirely.
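
The behavioral check described in this layer, as an added example that is not part of the original article or any EDR product's code: it flags a process that rewrites many distinct files with near-random content inside a short window. The thresholds, event format, and sample telemetry are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict, deque

WINDOW_SECONDS = 10        # assumed sliding window
MAX_FILES_IN_WINDOW = 5    # assumed: distinct files rewritten before alerting
MIN_ENTROPY_BITS = 7.0     # assumed: ciphertext approaches 8 bits per byte

def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the written content (0.0 for empty input)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def flag_mass_encryption(events):
    """Return pids that rewrite many distinct files with high-entropy data
    inside one window. events: (ts, pid, path, written_bytes), sorted by ts."""
    recent = defaultdict(deque)            # pid -> (ts, path) of suspicious writes
    flagged = []
    for ts, pid, path, written in events:
        if shannon_entropy(written) < MIN_ENTROPY_BITS:
            continue                        # ordinary document save
        window = recent[pid]
        window.append((ts, path))
        while ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()                # forget writes older than the window
        distinct = {p for _, p in window}
        if len(distinct) >= MAX_FILES_IN_WINDOW and pid not in flagged:
            flagged.append(pid)             # a real EDR would suspend the process here
    return flagged

def sample_events():
    """Constructed telemetry: pid 4242 rewrites six documents in three seconds."""
    cipher_like = bytes(range(256)) * 16           # uniform bytes: 8.0 bits/byte
    text = b"quarterly report draft " * 100        # ordinary document content
    events = [(i * 0.5, 4242, f"C:/docs/file{i}.docx", cipher_like) for i in range(6)]
    # pid 200 is a backup job: archives are high-entropy too, but it writes few files
    events += [(1.0, 100, "C:/docs/notes.txt", text),
               (2.0, 200, "C:/backup/a.zip", cipher_like),
               (60.0, 200, "C:/backup/b.zip", cipher_like)]
    return sorted(events, key=lambda e: e[0])

if __name__ == "__main__":
    print(flag_mass_encryption(sample_events()))
```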

Layer 4: Email Security and Phishing Defense

Over 90% of cyberattacks start with an email. Your email gateway needs to filter malicious attachments, block known phishing domains, and flag suspicious links. But no filter catches everything.

That's why phishing simulations matter. You need to test your employees with realistic attacks, measure who clicks, and provide immediate training to those who fall for it. If you're looking for a practical starting point, our phishing awareness training for organizations walks teams through exactly what real phishing attacks look like and how to report them.

Layer 5: Patch Management

The Log4Shell vulnerability (CVE-2021-44228) disclosed in December 2021 is still being actively exploited in 2022. CISA has repeatedly warned that unpatched systems remain the easiest targets for threat actors. Yet patch management remains one of the most neglected security functions.

Establish a patching cadence: critical vulnerabilities within 48 hours, high-severity within two weeks, everything else monthly. Automate where possible. Track compliance. No excuses.
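
One way to track compliance against that cadence, as an added example that is not part of the original article: it computes each finding's deadline from its severity and reports which findings breached it. The record format, host names, and placeholder finding IDs are constructed, and "monthly" is assumed to mean 30 days.

```python
from datetime import datetime, timedelta

# Remediation windows from the cadence above; 30 days stands in for "monthly".
SLA = {"critical": timedelta(hours=48), "high": timedelta(days=14)}
DEFAULT_SLA = timedelta(days=30)

def deadline(finding):
    """Latest acceptable patch time for a finding, from its severity."""
    return finding["detected"] + SLA.get(finding["severity"], DEFAULT_SLA)

def sla_report(findings, now):
    """Return (compliance_pct, breaches). A finding breaches the SLA if it was
    patched after its deadline, or is still open past it."""
    breaches = []
    for f in findings:
        finished = f["patched"] or now      # open findings are measured against now
        late_by = finished - deadline(f)
        if late_by > timedelta(0):
            state = "patched late" if f["patched"] else "OPEN"
            breaches.append((f["host"], f["id"], state, late_by))
    # Open breaches first, then by how late they are (worst first).
    breaches.sort(key=lambda b: (b[2] != "OPEN", -b[3].total_seconds()))
    pct = 100.0 * (len(findings) - len(breaches)) / len(findings) if findings else 100.0
    return round(pct, 1), breaches

def sample_findings():
    """Constructed scanner export; only CVE-2021-44228 is a real identifier."""
    d = datetime
    return [
        {"host": "web-01", "id": "CVE-2021-44228", "severity": "critical",
         "detected": d(2022, 3, 1, 9), "patched": d(2022, 3, 2, 17)},   # 32 hours
        {"host": "app-02", "id": "CVE-2021-44228", "severity": "critical",
         "detected": d(2022, 3, 1, 9), "patched": None},                # still open
        {"host": "db-01", "id": "EXAMPLE-HIGH-1", "severity": "high",
         "detected": d(2022, 3, 1, 9), "patched": d(2022, 3, 20, 9)},   # 19 days
        {"host": "hr-07", "id": "EXAMPLE-MED-1", "severity": "medium",
         "detected": d(2022, 3, 1, 9), "patched": None},                # open, in window
    ]

if __name__ == "__main__":
    pct, breaches = sla_report(sample_findings(), datetime(2022, 3, 25, 9))
    print(f"SLA compliance: {pct}%")
    for host, fid, state, late_by in breaches:
        print(f"{host:8} {fid:16} {state:13} late by {late_by}")
```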

Layer 6: Security Awareness Training

This is the layer that multiplies the effectiveness of every other layer. A trained employee who recognizes a social engineering attempt doesn't click the link. They don't open the attachment. They don't wire money to a spoofed vendor account.

I've seen organizations cut their phishing click rates from 35% to under 5% within six months of consistent training. That's not a marginal improvement — it's a fundamental shift in organizational risk. Our cybersecurity awareness training program covers the threats your team faces every day, from credential theft to pretexting to business email compromise.

What Is Layered Computer Security and Why Does It Matter?

Layered computer security — also called defense in depth — is a strategy that deploys multiple independent security controls so that if one fails, others still protect your systems and data. It matters because no single security product or policy can stop every attack. Threat actors probe for the weakest point. Layered defense ensures there's always another barrier between them and your critical assets.

Think of it like a bank. The bank has a vault door, but it also has security cameras, armed guards, dye packs, silent alarms, and time-locked mechanisms. No single measure is foolproof. Together, they make robbery extraordinarily difficult and risky.

The Zero Trust Shift: Stop Trusting, Start Verifying

The Biden administration's January 2022 memorandum (M-22-09) required federal agencies to adopt a zero trust architecture by the end of fiscal year 2024. This isn't a trend. It's a directive driven by the reality that perimeter-based security has failed against modern threat actors.

Zero trust principles apply to organizations of every size. Here's where to start:

  • Verify explicitly. Authenticate and authorize every access request based on all available data — user identity, device health, location, and the sensitivity of the resource being accessed.
  • Use least-privilege access. Grant the minimum permissions needed for each role. Review and revoke access regularly.
  • Assume breach. Design your network and incident response plans as if an attacker is already inside. Because statistically, they might be. The Mandiant M-Trends 2022 report found the median dwell time for intrusions was still 21 days globally.
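
The three principles above expressed as a per-request policy decision, as an added example that is not part of the original article: every request is checked against role grants, MFA, device health, location, and resource sensitivity, and anything unknown is treated as sensitive. The roles, resources, country list, and decision names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical policy data: role -> resources it may reach (least privilege).
ROLE_GRANTS = {"support": {"ticketing"}, "dba": {"ticketing", "customer-db"}}
SENSITIVITY = {"ticketing": "low", "customer-db": "high"}
TRUSTED_COUNTRIES = {"US", "CA"}          # assumed normal operating locations

@dataclass
class Request:
    user: str
    role: str
    resource: str
    mfa_method: Optional[str]             # "hardware", "app", "sms" or None
    device_compliant: bool
    country: str

def decide(req):
    """Return (decision, reason). Nothing is allowed unless every signal passes."""
    if req.resource not in ROLE_GRANTS.get(req.role, set()):
        return "deny", "role has no grant for resource"
    if req.mfa_method is None:
        return "deny", "no MFA on session"
    if not req.device_compliant:
        return "deny", "device failed health check"
    # Assume breach: a resource with no classification is handled as high.
    high = SENSITIVITY.get(req.resource, "high") == "high"
    if req.country not in TRUSTED_COUNTRIES:
        return ("deny" if high else "step-up"), "unusual location"
    if high and req.mfa_method == "sms":
        return "step-up", "SMS factor too weak for sensitive resource"
    return "allow", "all signals verified"

def sample_decisions():
    """Constructed requests covering each branch of the policy."""
    requests = [
        Request("ana", "dba", "customer-db", "hardware", True, "US"),
        Request("ben", "support", "customer-db", "hardware", True, "US"),
        Request("ana", "dba", "customer-db", "sms", True, "US"),
        Request("cy", "support", "ticketing", "app", False, "US"),
        Request("cy", "support", "ticketing", "app", True, "BR"),
    ]
    return [decide(r)[0] for r in requests]

if __name__ == "__main__":
    print(sample_decisions())
```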

Zero trust isn't a product you buy. It's an architecture you build, one policy and one control at a time.

Ransomware in 2022: The Threat That Keeps Escalating

The FBI's Internet Crime Complaint Center (IC3) received 3,729 ransomware complaints in 2021, with adjusted losses exceeding $49.2 million. And those are just the reported cases — the actual numbers are almost certainly several times higher. You can review the full 2021 FBI IC3 Internet Crime Report for the complete breakdown.

Ransomware gangs have evolved their tactics. Double extortion — encrypting data and threatening to leak it — is now standard. Some groups have added triple extortion, directly contacting victims' customers and partners to increase pressure.

Your computer security security posture against ransomware depends on multiple layers working together:

  • Offline backups that threat actors can't encrypt. Test them. Regularly.
  • EDR that detects encryption behavior in real time.
  • Email filtering that blocks the initial delivery mechanism.
  • MFA that prevents stolen credentials from being useful.
  • Trained employees who don't open the weaponized Excel file.

No single control stops ransomware. All of them together make it extremely hard to execute.

Building Your Computer Security Security Roadmap

Here's how I recommend organizations prioritize in 2022, regardless of size or budget.

Month 1: Fundamentals

Enable MFA everywhere. Inventory all internet-facing assets. Patch critical vulnerabilities. Deploy email security controls. These actions alone block the majority of opportunistic attacks.

Months 2-3: People and Processes

Launch a security awareness training program. Run your first phishing simulation. Establish an incident response plan and walk through a tabletop exercise. Document your backup and recovery procedures.

Months 4-6: Architecture

Begin network segmentation. Implement least-privilege access policies. Deploy EDR on all endpoints. Start building toward zero trust. Review third-party vendor access — the Okta breach reminded everyone that your security is only as strong as your weakest vendor.

Ongoing: Measure and Adapt

Track metrics: phishing click rates, mean time to patch, MFA adoption percentage, incident response times. Security isn't a project with an end date. It's a continuous process that adapts to new threats.

The Human Layer Never Goes Away

I've audited organizations with seven-figure security budgets that got breached because an employee reused a password from a compromised personal account. I've also seen two-person companies that stayed secure because both people understood the threats and practiced good habits.

Technology matters. Architecture matters. But the human layer is the one that threat actors target most consistently because it works most consistently. Social engineering exploits trust, urgency, and authority — psychological levers that no firewall can filter.

Invest in your people. Run regular phishing simulations through a platform like our phishing awareness training. Make security awareness part of onboarding, not a once-a-year checkbox. Pair it with hands-on cybersecurity awareness training that covers real-world scenarios your employees will actually encounter.

CISA's Shields Up guidance has been reinforcing this message all year: every organization, regardless of size, needs to be prepared. The threat landscape in 2022 demands nothing less.

Your computer security security isn't a single tool, a single policy, or a single training session. It's the combination of all of them, tested regularly and improved continuously. Start with the layer that's weakest in your organization right now, and build from there.