Connect with us

CyberSecurity

Why Defense In Depth Is Not Good Enough

Why Defense In Depth Is Not Good Enough

Published on
For many years, information security professionals have discussed, and promoted, a strategy known as “Defense In Depth,” in which an organization utilizes multiple layers of security controls rather than just one layer, with the hope that if some vulnerability exists in one of the layers, the countermeasures in one or more of the other layers will compensate for the deficiencies, and deliver the necessary security. Furthermore, utilizing a proper implementation of Defense In Depth can increase the time that it takes a hacker to penetrate an organization – which also increases the chances of stopping him or her before he or she is able to steal data or commit other harmful acts. Sometimes Defense in Depth is known as layering, or as utilizing the “Castle Approach,” named for the physical security strategy employed by the builders of many of the castles of yesteryear by which multiple physical layered defenses were utilized to prevent breaches of the structures by invaders.
There is, however, a fundamental flaw in many Defense In Depth implementations… 
To read on please see my article, Why Defense In Depth Is Not Good Enough.

 

 

Continue Reading
Related Topics:

More in CyberSecurity

Cybersecurity For Dummies Now Available



CyberSecurity for Dummies is now available at special discounted pricing on Amazon.

This book makes a great gift for a loved one who you want to help stay cyber-secure.

Please click here for details.

POSTS BY DATE

  • 2020 (25)
  • 2019 (54)
  • 2018 (106)
  • 2017 (101)
  • 2016 (26)

POSTS BY CATEGORY

JOIN MY NEWSLETTER

* indicates required
To Top