Defence in Depth for Securing Computer Systems
 | Please share your thoughts about whether to keep this book on Wikibooks. Maintain this notice so this book can receive a fair review and people have time to boldly address reasonable concerns through concrete improvements. Remove or replace this notice after discussion concludes and a community decision is made. Please also consider notifying the primary contributors on their discussion page with
|
But a lot of businesses out there don't see the return on investment, they look at it as a liability, and until they can understand that proactive security actually returns, gives them a return on investment, it's still a hard sell for people.
The concept of Defence in Depth is going to cost your organisation money. It is not cheap to implement, and it is something you have to feed money into every day to maintain. So why do you do it? The simple answer is to protect the business. Business of today is no longer just bricks and mortar. It is no longer just buildings and street addresses. The heart of business today is information. Take away the information and the bricks and mortar will be sold off eventually at bankruptcy auction.
Defence in Depth is all about protecting the information by building up a number of layers around it. It isn’t simply putting up and firewall and walking away. Defence in Depth is building a number of layers around the information that work together to provide a strong and (hopefully) impenetrable.
This book will most likely not cover a lot of new ground for you. A lot of the concepts here are standard areas you will cover working in any IT department. What is new is the aspect of integrating them into one consolidated defensive strategy.
Nine main areas will be covered. These will include:
- Preparation
- The Technology
- The Business
- The People
- The Physical
- The Policy
- Incident Handling
- Information Warfare and Operations Security
- Putting it together Category:Alphabetical/D Category:Book:Defence in Depth for Securing Computer Systems#%20 Category:Subject:Information security#Defence%20in%20Depth%20for%20Securing%20Computer%20Systems