Excerpt from AccountingWeb
By David X Martin
When it comes to cybersecurity, there are no offensive strategies, only defensive ones.
The traditional approach relies on prevention strategies – as if a hardened shell surrounded your firm’s IT system. This approach assumes that cybersecurity incidents are exceptions, rather that frequent, ongoing, ever-more-creative attempts at breaching data.
However, there is an alternate approach called “Defense in Depth” – modeled after conventional military strategy – which is much more effective. Rather than concentrating all resources at the front line, the Defense in Depth strategy has defenders deployed in a series of pre-planned positions – in a series of layers – from which they can advantageously attack the advancing enemy.
Read the full story on AccountingWeb.com