52. What is Defense in Depth and why are information security policies so important to this military termed concept, and do you offer comprehensive I.T. security documentation?

Defense in Depth was initially a military strategy that put forth a “delay rather than prevent” concept, one that advocated yielding various elements to the enemy for purposes of buying extra time. Over time, the National Security Agency (NSA) adopted Defense in Depth as an information assurance (IA) concept in which multiple layers of security are used for protecting an organization’s information technology infrastructure.

Defense in Depth has since become a highly-adopted framework for many organizations around the world for helping ensure the safety and security of critical system resources. It’s been praised as a highly effective concept, one that employs appropriate countermeasure for thwarting attacks on an enterprise’s information systems environment. Defense in Depth – for purposes of information security – includes the following layers, which have been loosely adopted and agreed upon by industry leading vendors and other noted organizations:

  • Data
  • Application
  • Host
  • Internal Network
  • Perimeter
  • Physical
  • Policies, Procedures, Awareness

Security Policies | A Vital Component of Defense in Depth

All layers are critically important, especially the outer-most layer, “Policies, Procedures, and Awareness”, which is often an area lacking or requiring comprehensive remediation efforts for most organizations. More often than not, policies and procedures are outdated, antiquated, disjointed, and have become proverbial “shelf ware”. Ultimately, the success of Defense in Depth requires a true commitment to all layers, including putting in place essential policies, procedures and awareness activities, such as security training and other initiatives.

Your answer is the FLANK21 set of operational, business specific and information security policies and procedures from FLANK.  With hundreds of documents to choose from containing essential policies, procedures, forms, checklists, templates, provisioning and hardening documents – FLANK is your Defense-in-Depth answer for “Policies, Procedures, and Awareness”.

Download Information Security Policy for Defense in Depth

Defense in Depth, lauded by many, is an essential concept for fighting today’s growing cyber security threats, and it starts by putting in place industry leading, enterprise-wide security documentation. Learn more about Defense in Depth from the National Security Agency today.