Defense in Depth is a strategy using multiple security measures to protect the integrity of information. This way of thinking is used to cover all angles of business security - intentionally being redundant when necessary. If one line of defense is compromised, additional layers of defense are in place to ensure that threats don’t slip through the cracks. This method addresses the security vulnerabilities that inevitably exist in technology, personnel, and operations within a network.
As cyberthreats continue to evolve and tactics become more malicious and automated, Defense in Depth provides a solid, comprehensive approach to modern security for IT professionals.
This is critically important when you consider recent data from the Verizon 2020 Data Breach Investigations Report (DBIR). This year’s report analyzed more than 32,000 security incidents and nearly 4,000 confirmed breaches worldwide. Here are just a few alarming updates:
- More data breaches: Data breaches have doubled since the 2019 DBIR.
- Attacks on the cloud: Web application attacks increased to 43%, double the previous year.
- Financially motivated attacks: A staggering 86% of data breaches were for financial gain (71% in the prior DBIR).
- Email and credentials: 67% of the attacks involved phishing, business email compromise, and credential theft.
Defense in Depth’s value is its approach to combining advanced security tools to protect critical data and block threats before they reach endpoints and networks. Endpoint protection, including antivirus and firewalls, is still an instrumental element of complete security; however, a Defense in Depth strategy is seeing significant adoption because these methods of network security alone are no longer enough to protect the modern workforce.
The security risks are even more magnified today as work-from-home mandates continue at various levels for businesses across the globe. As remote workers access and share data via cloud apps and work outside the traditional network perimeter, this not only impacts the success of digital transformation initiatives but also introduces new attack risks.
As IT and security professionals will agree, the Internet has become the new office perimeter, and it must be defended in a new and comprehensive way. This is where the concept of Defense in Depth shines: it takes cybersecurity a step further by acknowledging the macro controls needed for ultimate protection, including physical, technical, and administrative aspects of the network.
These three controls build the architecture of a Defense in Depth strategy:
- Physical Controls are the security measures that protect IT systems from physical harm. Examples of physical controls include security guards and locked doors.
- Technical Controls are the protection methods that secure network systems. Hardware-, software-, and network-level protection are included within a company’s specific technical controls. Cybersecurity efforts including layered security live in this category.
- Administrative Controls are the policies and procedures put in place by an organization, directed at the employees. Training employees to label sensitive information as “confidential” or to keep private files in proper folders are examples of administrative controls.