Adopting a Defense-in-Depth Approach to IT Security
Dynamic, increasingly complex environments are rich hunting grounds for bad actors and cyber criminals. Attackers look for any opportunity to steal data, plant ransomware, or install evasive malware for longer-term campaigns to achieve their end-goals. Forty percent of security breaches are now indirect, as threat actors target the weak links within (software) supply chains or wider business ecosystem. ²
This white paper examines how to adopt a defense-in-depth strategy that addresses three fundamental components to any security strategy:
- People: getting them to be part of the solution to securing access, not part of the problem;
- Processes: establishing repeatable, predictable best practices that continue to build security into the business;
- Technology: implementing security solutions, specifically those securing access and identity through preventative controls and detection methods, that work with other components to optimize protection and productivity.
²Accenture, Innovate for Cyber Resilience, 2020.