« Risk Management in the NFL | Main | Identity Defense in Depth »



I also disagree that the security controls must "live" at a higher logical level. There are always ways to cross security levels, even down to the point where hardware can be damaged.

The layered protections approach isn't perfect, but it's the best we have. Properly designed, each of the layers should protect the weak spots in the others.

The comments to this entry are closed.