O'Reilly Modern Defense in Depth

CHAPTER 2 Learning from Military Defense

In comparison to a modern military, the previous examples of protecting users and web applications have little, if any, similarity to the way a modern defense in depth (DiD) approach works in the context of warfare. For example, as one line of defense is attacked in the military, the other lines of defense downstream are adjusted by way of the internal threat intelligence gained to adequately shore up all defenses. There is a complete synergy that exists in the military lines of defense.

Next, we look at the conventional definition of DiD as well as explore how a modern military operates in the context of integrated lines of defense.

Military Usage of Defense in Depth

DiD is a conventional military defense tactic that is being practiced today across many different industries. Traditionally, DiD provided a means of slowing down an attack against a target by using independent layers of protection, often called "lines of defense." The standard, widely accepted definition is that DiD argues against using a single line of defense because the likelihood of failure is usually quite high. DiD accepts the notion that when one defensive line fails, another line will take its place and ensure that risks are kept to tolerable levels.

The main deficiency in the current DiD definition is that it calls for "independent lines of the defense," which does not convey how a modern military operates. Today, lines of communication and intelligence overlay the independent lines of defense found in the military

