Modern information security doctrine emphasizes multiple concentric protective rings creating a multilayered defensive perimeter. This concept, known as defense in depth, is based on the premise that if a single security mechanism fails, there will be a second (or third, or fourth) already deployed to defeat an attack.
Unfortunately, despite an increasing awareness of information security issues and the proliferation of network security technologies, the total number of reported breaches continues to grow at an alarming rate. Put bluntly, the payoff for the attacker is not the successful breach – it’s the successful exfiltration of exploitable data. The breach is nothing. It’s the data that’s everything.
This white paper by Adam Firestone explores data, or, more accurately, information security concepts and mechanisms.