What is Defense in Depth?
Defense in Depth is a cybersecurity strategy that implements multiple layers of Security Controls across an organization's environment to reduce the likelihood of a successful attack. Instead of relying on a single control, this approach assumes that threats will bypass individual defenses.
These layers can include Technical Controls such as Firewalls and EDR, Administrative Controls such as policies and procedures, and Physical Controls protecting infrastructure. The strategy aligns closely with Zero Trust and modern security architecture principles.
What is Defense in Depth used for?
Defense in Depth is used to minimize risk by creating redundancy in security controls, ensuring that failure in one layer does not result in a full compromise. It helps protect Critical Business Assets (CBA) and supports resilience against threats such as Exploits, Phishing, and Supply Chain Attack scenarios.
Security leaders use this approach to strengthen Security Posture, improve detection capabilities through SIEM and XDR, and align with frameworks such as NIST Cybersecurity Framework and ISO/IEC 27001.