Cybersecurity 101 - What Is Defense-In-Depth?

 

Defense-in-depth is the term that we use to describe a strategy of defense that assumes attackers will evade or bypass some of the security mechanisms put in place to stop them. Attackers are clever human beings, and when they encounter impediments to their work trying to break into a network, they sometimes find ways to get around those.

That's why it's important not just to have one layer of protection or one layer of defenses protecting your sensitive data. It's important that if attackers get past, let's say, a password in order to log in remotely, that they don't then have free range to do anything they want on the network.

Therefore, the defenses that you put in place should assume if an attacker is gotten past one point of defense, that there is something else to catch them.

One of those pieces of defense-in-depth that's very important, is someone monitoring your logs to make sure that if an attacker does get through, anything that they do after that in terms of trying to gain access to other systems, elevate their privileges by getting an administrator account, or running unusual scripts or programs, gets detected by an analyst and responded to in a timely manner to keep that attacker from doing any more harm.

To learn more about all the options available to you for meeting your organization’s data protection and network security requirements (including security posture and risk assessments, and awareness training and employee education programs) ... simply ask us at FREE Network Connectivity, Design, & Security Resource.