Defense of depth is one of the key, basic principles of security taught by SANS as part of their Security Essentials curriculum. The idea is the more lines of defense a company has in place, the less likely there will be a successful penetration, the more chance there is that an attack can be detected and the most likeliness an attacker will give up and move on to another more vulnerable target. In this light, many people might think of multiple layers of technology such as firewalls, networks, host and network intrusion detection systems, bastion hosts, etc. that would comprise this defense of depth. However, we know based on published surveys and analyses that the biggest threat to our technology environment is often ourselves.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
