The principle of in-depth security has become an established principle among IT security experts. Multiple levels of control are to prevent or limit attackers’ ability to damage systems. Prioritizing all security checks is not necessarily appropriate or cost effective.
Knowledge of the attacker’s approach should be the basis for prioritizing resources associated with cyber security. The need for costly security in depth initiatives will be less if adequate security initiatives are taken to stop the attackers in the start phase.
This lecture will address the actual threat a company or organization is facing and how risk can be handled – based on real scenarios.