The goal of security is to deter and therefore prevent unlawful access to a person, place or thing in order to safeguard against threats such as espionage, sabotage, terrorism, damage, and criminal activity. There's no single strategy that's 100% effective against all threats, as each situation is unique and a determined adversary can always find a way to their target depending on opportunity, motivation, capability, and determination.
Security in depth includes physical security measures, such as locks and guards, as well as logical security measures, such as firewalls, access controls, and encryption. The idea is that, if one layer of security fails, the other layers will still provide some protection. Security in depth also takes into account the security of the entire system or environment, rather than just protecting an individual asset.
Security-in-depth is a layered approach to safeguarding the security of individuals, equipment, and locations. It is similar to an onion, in which each layer must be removed in order to reach the core. This type of security is most effective when multiple security controls are implemented in a synergistic manner, creating a comprehensive security plan with components that work together.
The 4 main components in a security system are: deter, detect, delay, respond.
Deter
There are two main types of deterrence: physical and psychological.
A physical deterrence is meant to render a facility as an unattractive target so an adversary abandons attempts to infiltrate or attack. Discouraging an attack puts less strain on other resources and prevents further risk to people, property and reputation.
A psychological deterrence increases the likelihood that a criminal’s actions will be observed and reported to peace officers. Deterrent measures are usually accomplished at the site perimeter using highly visible security elements. Although deterrent features can discourage an attack (or other unlawful activity) it cannot stop an attack.
Detect
Detection methods are used to identify threats during the planning, reconnaissance and deployment phase of an attack in order to initiate an early response. Detection methods are most effective as an early warning to monitor and identify the threat before it penetrates the site perimeter or building access points. Detection measures involve the use of devices, systems and procedures to signal that unauthorized access (or an attempt) has occurred.
Detection methods won’t deny access to a facility, but they may draw attention to the adversary enough to give up on an entry attempt.
Delay
Delaying an intruder usually equates to decreased opportunity. The longer it takes an intruder to complete an attack, the greater the probability they will be seen and apprehended.
By creating a buffer zone between the target and their objective, the attacker could be enticed to a non-critical part of the facility, thereby delaying the attack. If someone penetrates any one of the aforementioned components it will take them time and energy to get through to the next layer, providing additional time to make critical decisions in response.
Not all intruders will be put off by security measures or other deterrents. Prolonging the amount of time it takes for an intruder to accomplish their objective, decreases opportunity in the criminal mind and allows for a longer response time for an intervening force to intercept the attack.
Respond
Response may be broken down into three major categories:
Immediate onsite response
After the fact response
Recovery
The response component requires communication to a response force (peace officer, guard-force) to alert them that an unauthorized person is attempting to enter (or has entered) the facility. Once a breech is detected, the response force is required to intercept and neutralize the threat before an attack has occurred, or control the situation if the attack has been completed.
An after the fact response is used to limit the extent of the incident and avoid the situation from worsening. This element includes: recovering stolen items, initiating emergency medical services (if the incident incurred casualties) and initiating a business continuity plan (if applicable). Once the situation is stable, this phase includes:
Reviewing video surveillance, incident report writing, and interviewing key witnesses
Damage assessment
Notifying key personnel; stakeholders, business partners
The recovery phase is the entities long term plan to recover from the incident. Depending on the type of incident this phase can include (but not limited to):
Working with law enforcement and legal teams to determine culpability
Prosecuting guilty parties
Working with insurance agencies to recoup a financial loss
Review/revise security plans to determine if the system met/meets its needs
In summary
Security-in-depth is a layered approach to safeguarding the security of individuals, equipment, and locations. It includes physical security measures, such as locks and guards, as well as logical security measures, such as firewalls, access controls, and encryption. Each of the layered security controls has to be planned in conjunction to the others. A perimeter fence alone may be ineffective if there’s no detection system in place to alert someone of a breech. A sophisticated detection system may be ineffective if nobody’s around to respond to a triggered alarm.
Are you looking for an effective security system to protect your organization?
Our security-in-depth approach combines physical, logical, and environmental security measures to ensure that your organization is as safe as possible. With our layered approach, we can create a system that is both secure and efficient.
Our solutions include physical security measures such as locks and guards, as well as logical security measures. We also provide business continuity plans (BCP), incident response, SOP development and staff awareness campaigns to help you prepare for any potential threats. Contact us today for a free consultation and let us help you find the best security solution for your organization.