An Effective Approach to Defense in Depth

Posted on Posted in SecConf


We’ve all heard about Defense in Depth. All too often though, we don’t know how to effectively explain this concept. Many presentations about this topic are just plain boring and repetitive. How do we break the mold?

In this Defense in Depth presentation, Tom illustrates an effective security approach through the image of a castle. He reviews many of the different defenses that can be deployed in unison to better secure a network from a range of threats, using examples based on a wide range of experiences across enterprises of all shapes and sizes. Tom also provides examples of improvements that can be made leveraging existing controls to provide an overall increase in organizational security. While a single layer of defense cannot be considered adequate and no system can be
considered absolutely secure, a multi-tiered security approach can effectively reduce the overall risk an organization must face.


Tom Kopchak is a Senior Security Engineer and Operations Team Lead at Hurricane Labs, an Information Security Firm in Cleveland, Ohio who specializes in Splunk design and implementation, network integration, and firewall and network security. Tom is an alum of the Rochester Institute of Technology, with a background in Computing Security and Information Security (MS) and Applied Networking and System Administration (BS). His research areas include computer forensics and data storage technologies. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing both the piano and organ.



Quelle: BSidesPGH