Defense in depth is the application of multiple layers of controls are to defend against threats. Many security controls are applicable to a variety of assets and numerous threats. In some cases, the controls applied to one layer of defense may be redundant (e.g. belt and suspenders). In other cases, the controls may have complementary characteristics.
The following figure illustrates layers of defense, protecting the assets identified at the bottom.
Layers will be discussed in the following posts:
- Personnel Security
- Physical Security
- Computing and Network Security
- Security Systems
- Information Systems Protection
- Lessons Learned
Copyright © 2019 Christopher T. Carlson