Security Terms

Description

The following page provides user-friendly definitions and explanations of terms/concepts used in the Information Security field.  When I use a term that might not be understood by a general viewer, I define it on this page to ensure everyone has an easy time understanding the documents on my security blog.

Terminology

Defense in Depth – SANS definition of this term is “the approach of using multiple layers of security to guard against failure of a single security component”.  The key here is “multiple layers”.  Sometimes organizations rely on only a few layers of security controls to protect their environment.  For example, an organization might think that because they have a world-class firewall, that their environment “is secure”.  Well the problem is that if a hacker gets passed that firewall, you might have little to no remaining layers of security defenses that will protect your organization from that hacker breaching your environment.  SANS provided a case-study of the Target Breach in 2013 (see my links page).  One of the things highlighted in the study was:

‘Defense in Depth requires layers of security, but the weakest link in each layer may provide access to the next. It appears that there were vulnerabilities in each layer of defense employed by Target that ultimately allowed the attackers to gain access to some of their most sensitive data.’
So the important takeway here is that the best way to protect your organization from a security breach is to deploy an effective Defense in Depth security strategy, where you deploy many security technologies to lower your risk of a security breach.

<

Advertisement
%d bloggers like this: