IT Strategy: Defense in depth

Day after day, we hear news of a hack, data breach or network compromise somewhere across the globe. The nature of the business, location of the offence, source and mode of attack, size of the organization, and intensity and extent of impact may differ, but one thing is common to all: the loss of face!

Interestingly, all of these organizations are of high repute, mostly in the technology domain or relying extensively on technology, and obviously have a role similar to a CISO. According to publicly available information, they have sizable budgets to secure the organization and have implemented one strategy or another to secure their information resources!

No doubt, securing information sources requires a comprehensive governance model which, among other things, includes risk management of valuable (information) assets. Risk management involves developing a policy to meet the business requirements; defining roles and responsibilities; designing, implementing and monitoring a control framework; and finally, but most importantly, imparting awareness and/or training to users.

While designing the risk management framework, one of the best practices is to follow a “Defense in depth” approach that has been proven to be effective in securing IT resources in organizations big or small.

Defense in depth is originally a military strategy that seeks to delay rather than prevent the advance of an attacker, buying time and causing additional casualties by yielding space. Rather than defeating an attacker with a single, strong defensive line, defense in depth relies on the tendency of an attack to lose momentum over a period of time or as it covers a larger area.

This approach is now widely used to describe multi-layered or redundant protections for non-military situations, both tactical and strategic. The idea behind the defense in depth approach is to defend a system against any particular attack using several, varying methods.

It is a layering tactic that prevents the attacker from reaching his target, and it is considered to be a comprehensive approach to information security.

Remember, defense in depth is not an additional level of security to be implemented; rather, it is an understanding on the part of management that NO single approach to information security, even one that is top of its class, can provide them a reasonable level of comfort. They need to consider multiple approaches, such as antivirus software, authentication and password security, biometrics, demilitarized zones (DMZ), firewalls, hashing passwords, intrusion detection systems, logging and auditing, physical security, sandboxing, awareness training, education of end users and so on, while implementing their risk management strategy. While each one can assure CIA (Confidentiality, Integrity & Availability) only to a limited extent, together they provide a strong defense.

