Defense in Depth (also known as layered security and layered defense) is an information assurance (IA) concept.
It uses multiple layers of security controls (defenses) placed throughout an information technology (IT) system. The multiple layers are not of the same security tool. It uses several different kinds of security with each protecting against a different security attack.
Defense in depth is originally a military strategy. It seeks to delay rather than prevent the advance of an attacker by yielding space to buy time. The National Security Agency (NSA) changed the concept to be a comprehensive approach to information and electronic security.
The placement of protection mechanisms, procedures and policies is intended to increase the dependability of an IT system. Multiple layers of defense can prevent espionage. They also prevent direct attacks against critical systems. In terms of computer network defense, defense in depth measures should not only prevent security breaches but also buy an organization time to detect and respond to an attack.
Defense in depth has long been explained by using the onion as an example of the various layers of security. The outer layer contains the firewall. Middle layers contain various controls. The data is in the center protected by the other defenses.
A newer concept is the kill chain. Borrowed from the military it is a method of detecting and breaking an opponent's kill chain. Lockheed Martin adapted this concept to information security, using it as a method for modeling intrusions on a computer network.
Using more than one of the following layers constitutes defense in depth.
This article uses material from the Wikipedia Simple English article Defense in depth (computing), which is released under the Creative Commons Attribution-ShareAlike 3.0 license ("CC BY-SA 3.0"); additional terms may apply (view authors). Content is available under CC BY-SA 4.0 unless otherwise noted. Images, videos and audio are available under their respective licenses.
®Wikipedia is a registered trademark of the Wiki Foundation, Inc. Wiki Simple English (DUHOCTRUNGQUOC.VN) is an independent company and has no affiliation with Wiki Foundation.