Defense In Depth

The Difference Between Defense and Protection

Having spent the better part of last year being overwhelmed with new security products and initiatives, I wanted to spend a little time discussing my standpoint on security and to provide others with some insight as to how I have come to this conclusion. Long story short – Most (nearly all) of my clients have been looking to improve their overall security posture. This is undoubtedly sparked by the surge of media attention surrounding the ever growing number of data breaches throughout 2012 and 2013. For any consultant, it is a wonderful phenomena that occurs when a client actually wants to embrace security and take it seriously, but it’s not as simple as it sounds. Where am I going with this? There is a clear misconception as to what the meaning of defense and protection actually are. Many vendors that you will encounter are in the business of selling tools. Many of them good, and many of them not so good, but at the end of the day they are just that… tools, and a sales pitch is just that… a sales pitch. I find that more and more organizations are buying into the protection ploy that they can bolt…

continue reading