What is Layering in Security?

Layering | Defense-in-depth

One of the foundations of cyber security is layering, a protection mechanism also known to many as defense-in-depth. Layering is the application of multiple controls (security guards, firewalls, locks, etc.) in a series. This means that organizations can use layering to protect assets with a multilayered solution.

No one control can protect everything, which is why multiple controls are used: if one fails, another control is already set up to prevent exposure.

An example of layering is the use of a security guard and badge reader at an organization. If for some reason the badge reader is malfunctioning and allowing all personnel to enter, the security guard is the second line of defense, checking everyone’s identification after they use the badge reader. If for some reason the security guard lets that person pass, other controls can be in place, such as office doors that also have biometric readers which must be passed before access is granted.

