Chapter 6: Layers of defence in depth

In very broad terms, there are three key layers to defence in depth and, in turn, becoming cyber resilient:

1. Prevention

Trying to prevent cyber incidents from occurring at all, or at least mitigate their impact if they do occur.

2. Detection

Knowing when your preventive measures have failed.

3. Response

Following up on detected incidents.

These can be split up further – such as into the common five-phase approach of identify, protect, detect, respond and recover – but these three are essentially a bare minimum. You can also stick with these three but divide each up into multiple layers of defence.

The following sections discuss prevention, detection and response in more detail. We will also look at a fourth ...

Get Cyber resilience - Defence-in-depth principles now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cyber resilience - Defence-in-depth principles by Alan Calder

CHAPTER 6: LAYERS OF DEFENCE IN DEPTH

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly