Back to Basics: Defense in Depth
What is defense in depth?
Defense in depth (DiD) is a process or approach that applies a series of different technical and non-technical cyber strategies to apply a layered security approach to help protect an organization from malicious activity. Essentially, each safeguard acts as a safe redundancy of the last and makes it, so cybercriminals have to make it past multiple safeguards before getting anywhere lucrative on a victim system.
Elements of Defense in Depth
Creating systems with DiD in place can become costly and cumbersome if not approached correctly. With the term redundancy at the peak of DiD, it can become fairly easy to create ineffective systems, or at the very least, develop systems that become expensive and have multiple technologies that serve the same purpose.
Networks
Networks can be thought of as the streets of the systems (this is where all the “foot traffic” is) and should have systems in place to ensure that traffic is monitored and that malicious traffic is prevented. This means installing systems such as intrusion prevention systems (IPS) that can monitor…
