Defense in depth is a way of approaching cybersecurity that relies on layering defenses on top of each other. These various layers act as failsafe mechanisms, so if one is breached by a hacker, another layer of defense can attempt to stop the attack.
Terms related to Defense in Depth: Vulnerability, vulnerability management, network security, firewall, antivirus, cybersecurity, penetration testing, backdoor, exploit, monitoring, identity management, multifactor authentication, data integrity, encryption.
Defense in depth uses a variety of hardware, software, approaches, and tools to provide robust cybersecurity protection to an organization’s systems and data. This typically involves creating multiple redundancies, so if an attacker manages to get through one defensive layer, another layer is immediately introduced to thwart progress.
This approach to defense is useful because it insists on using different types of tools, techniques, and cybersecurity principles to build wide-ranging defenses. No one approach, by itself, is effective in stopping a determined attacker. The defense in depth approach gets around this by bringing together multiple areas to fortify systems and data.
Aspects of a defense in depth approach can include:
Each organization will implement defense in depth differently, based on available tools and sensitivity of data.