Cyber

Defense in Depth is a security strategy that focuses on having multiple layers of protection for network and computers. The theory is that if one layer is breached, there are still more protection layers in place that an attacker must go through before they get into the computer system. Each layer slows the attacker down as they try to overcome it. Hopefully, the attacker will either give up or move on to another target or they will be detected before they can achieve their goal (Imperva, n.d.). In order to accomplish defense in depth strategy there are some elements that needs to be implemented.

Physical controls: These controls include security measures that prevent physical access to IT systems, such as security guards or locked doors (Imperva, n.d.).

Technical controls: Technical controls include security measures that protect network systems or resources using specialized hardware or software, such as a firewall appliance or antivirus program. An organization should sets up a firewall, and in addition, encrypts data flowing through the network, and encrypts data at rest. Even if attackers get past the firewall and steal data, the data is encrypted. Besides, running an Intrusion Protection System with trained security operators, and deploys an antivirus program is very crucial. This provides three layers of security, even if attackers get past the firewall, they can be detected and stopped by the IPS. And if they reach an end-user computer and try to install malware, it can be detected and removed by the antivirus (Imperva, n.d.).

Administrative controls: Administrative controls are security measures consisting of policies or procedures directed at an organization’s employees. For example, instructing users to label sensitive information as “confidential” (Imperva, n.d.).

Therefore, I conclude that GCU has many infrastructures that need to be secured carefully. At the same time, intruders can find holes as the Campus networking environment is complicated. As a result, multi layered network protection or Defense in Depth is the best fit to secure GCU’s networking system.

Imperva. (n.d.). Defense-in-Depth. Retrieved from https://www.imperva.com/learn/application-security/defense-in-depth/