Analyst & Research Reports

O'Reilly Modern Defense in Depth

Issue link:

Contents of this Issue


Page 7 of 53

about how to integrate the technologies so often found in our fight against cybercrime, of which any organization can take advantage, in order to make considerable improvements to solving this prob‐ lem once and for all. As a hands-on cybersecurity manager and practitioner with nearly two decades of experience deploying most of the very technologies covered in this book, I believe I discovered what might have been missing all along: the concept of integration. My goal in this book is to take you down the path of what I've experienced firsthand, demonstrate what our current approaches are like, highlight some of their deficiencies, and draw a parallel to a better approach to cyber‐ security. I also provide solid guidelines on how we can work together to achieve something greater through making the present lines of defense in your organization operate as one cohesive unit. To meet your expectations concerning the concepts I am about to divulge, I thoroughly cover every concept while attempting to be as brief as possible. Pertaining to the title of this book, the concept of Defense in Depth (DiD) has been around long before the inception of the internet. It has been widely recommended and, therefore, widely practiced in all sorts of different industries and organizations. In the context of cybersecurity, the current approach to DiD calls for independent lines of defense to be deployed between the internet and an organiza‐ tion's networks, internal users, publicly exposed web applications, and private data. From my personal experience and own observations, the currently accepted approach to DiD is seriously lacking, and a new approach is desperately needed. This new approach is explored in depth in this book. What I aim to prove is that the concept of integration, modeled similarly to a modern military, is the missing element that is so desperately needed today—to thoroughly protect our organiza‐ tions from cybercrime. After ingesting the content found in this book, you'll learn how and where to apply modern DiD strategies to the security postures within your own organizations. Furthermore, I demonstrate that anyone can measurably improve the defensive stances for their organizations by applying integrated approaches similar to a modern military. By the end of this book, you should have a solid understanding of how the recommendations presented within it can vi | Preface

Articles in this issue

view archives of Analyst & Research Reports - O'Reilly Modern Defense in Depth