Defence lines refer to the process of designing a defence system that stops an attacker by means of multiple layers of defence. Defence in depth and the use of least privilege are concepts that go hand in hand.
Access control, reliable encryption, authentication, firewalls, antivirus software, and trouble logging are a few of the layers of a network defence. Least privilege refers to the idea that systems and applications should be configured to use the fewest privileges possible. Administrator or root access should never be established as the default on systems. Consider the layers below as an illustration:
- Security of applications and data: Regular patching, encryption of private information, etc.
- Host security: dynamic whitelisting, write and read protection, limiting unauthorised services, and timely antivirus updating.
- Network: Firewall, sandboxing, IDS/IPS, VPNs, monitoring, and alerting are all components of network security (corporate plus ICS).
- Physical security: Fences, CCTV, ID cards, etc.
- Policy and Procedures: Risk management, incident response management, supply chain management, audit and assessment training, and awareness.
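
The least-privilege rule above (root should never be the default) can be checked mechanically at the host layer. The following is an added example, not part of the original page: it assumes Linux hosts running systemd system services, where a unit without a `User=` directive runs as root, and it audits constructed sample unit files.

```python
import configparser

# Constructed sample unit files for illustration (not from the original page).
SAMPLE_UNITS = {
    "backup.service": "[Unit]\nDescription=Nightly backup\n\n"
                      "[Service]\nExecStart=/usr/local/bin/backup --all\n",
    "webapp.service": "[Service]\nUser=webapp\nNoNewPrivileges=yes\n"
                      "ExecStart=/usr/local/bin/webapp\n",
    "report.service": "[Service]\nUser=root\nExecStart=/usr/local/bin/report\n",
    "cache.service": "[Service]\nDynamicUser=yes\nExecStart=/usr/local/bin/cache\n",
}

def run_as(unit_text):
    """Return (account, explicit) for a system service unit, or None if it has no [Service]."""
    parser = configparser.ConfigParser(strict=False, interpolation=None, delimiters=("=",))
    parser.optionxform = str  # systemd directive names are case-sensitive
    parser.read_string(unit_text)
    if not parser.has_section("Service"):
        return None
    user = parser.get("Service", "User", fallback="").strip()
    if user:
        return (user, True)
    dynamic = parser.get("Service", "DynamicUser", fallback="no").strip().lower()
    if dynamic in ("yes", "true", "on", "1"):
        return ("<dynamic>", True)  # systemd allocates a transient unprivileged user
    return ("root", False)  # no User= on a system service means root by default

def audit(units):
    """Map unit name to a finding for every service that ends up running as root."""
    findings = {}
    for name, text in sorted(units.items()):
        result = run_as(text)
        if result and result[0] in ("root", "0"):
            findings[name] = "explicit root" if result[1] else "root by default (no User=)"
    return findings

if __name__ == "__main__":
    for unit, finding in audit(SAMPLE_UNITS).items():
        print(f"{unit}: {finding}")
```
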
Although the three lines of defence, which cover the assurance, governance, risk, compliance, information security and cybersecurity functions, may all be working on information security and governance in one way or another, one can examine the objectives, roles and activities of these functions to explore ways to optimize outputs. Optimized outputs mean that the combined outputs of the various parties working on information security are maximized, which allows resources to be deployed better and productivity to increase through reduced duplication.