Defense in Depth Cybersecurity: Is It Enough?

The one thing cyber criminals are best at is finding vulnerabilities before the good guys do, whether it’s through commonly used software, or even in your own network.

In the current cyber threat landscape, you must take more than one step or measure to protect your network and data. That’s why a lot of organizations take on the ‘defense in depth’ strategy, which includes several independent layers of defense so that if one layer fails to prevent an attack or breach, another layer or tool may be there to protect the network at the next step a cyber criminal takes.

Tools and strategies such as password policies, antivirus protection, email filters or blockers, firewalls, multi-factor authentication, and encryption are all good, important examples of defense in depth layers.

But are they enough?

• Is it enough to change your password once a year?
• What if a firewall is misconfigured by the person setting it up?
• Can modern email filters catch phishing emails written by AI?
• How do you close the gaps in your security stack?

Today’s cyber threat landscape requires tools and strategies that can address endpoints, everything connected to your network, and all the ways cyber criminals can find a way in. That includes zero day attacks, known vulnerabilities, patches and other misconfigurations found by scanning, to find the gaps in your network before cyber criminals do.

Listen to our hosts, Sean Scott and Alex Lorello, discuss if a defense-in-depth cybersecurity strategy is enough to adequately protect your network, and have your questions answered live.