Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

defense-in-depth

Abbreviation(s) and Synonym(s):

None

Definition(s):

  Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.
Source(s):
NIST SP 800-53 Rev. 4 under Defense-in-Depth

  Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.
Source(s):
NIST SP 800-30 Rev. 1 under Defense-in-Depth (CNSSI 4009)
NIST SP 800-39 under Defense-in-Depth (CNSSI 4009)
NIST SP 800-53 Rev. 4 under Defense-in-Depth

  Information Security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and missions of the organization.
Source(s):
CNSSI 4009-2015 (NIST SP 800-53 Rev. 4)

  Information security strategy integrating people, technology, and operations capabilities to establish variable barriers across multiple layers and dimensions of the organization.
Source(s):
NIST SP 800-161 under Defense-in-Depth (CNSSI 4009, NIST SP 800-53 Rev. 4)
NISTIR 7622 under Defense-in-Depth (CNSSI 4009-2010, NIST SP 800-53)

  The application of multiple countermeasures in a layered or stepwise manner to achieve security objectives. The methodology involves layering heterogeneous security technologies in the common attack vectors to ensure that attacks missed by one technology are caught by another.
Source(s):
NISTIR 8183 under Defense-in-depth (ISA/IEC 62443)