> Defenders have to always win on all fronts, but terrorists only have to win once on any of n fronts
It depends on how you design systems and processes.
Let Mn denote the nth defense mechanism of a system. We can build architectures in which the probability of breaches is calculated as:
(M0 is pwned) AND (M1 is pwned) AND (M2 is pwned) AND (M3 is pwned) ...
You can see the total probability can become small quickly, as it's computed as the product of all probabilities. The corollary is: it's possible to design secure systems from insecure building blocks (as long as those are reasonably uncorrelated!)
Insecure systems are generally designed the way you suggest in your post: if a single defense mechanism is breached, the whole system will be breached. So you basically are as secure as your weakest link.
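The AND-of-layers arithmetic in the comment above, worked through as an added example (not code from the thread): the serial design multiplies per-layer breach probabilities, the weakest-link design is breached if any single layer is, and the "reasonably uncorrelated" caveat is modelled by a common-cause term that breaches every layer at once. The layer probabilities and the common-cause value are constructed assumptions.

```python
def serial_breach_probability(layer_probs):
    """Breach requires every layer to be pwned (M0 AND M1 AND ...).

    With independent layers this is the plain product of the
    per-layer breach probabilities.
    """
    total = 1.0
    for p in layer_probs:
        total *= p
    return total


def weakest_link_breach_probability(layer_probs):
    """Breach happens if any single layer is pwned (M0 OR M1 OR ...).

    Only the defender's luck on every layer keeps the system intact,
    so P(breach) = 1 - prod(1 - p_i).
    """
    survive = 1.0
    for p in layer_probs:
        survive *= 1.0 - p
    return 1.0 - survive


def correlated_serial_breach_probability(layer_probs, common_cause):
    """Serial design whose layers are not independent.

    common_cause is the probability of a shared weakness (same library,
    same template, same admin credential) that defeats all layers in
    one go; otherwise the layers fail independently as above.
    """
    independent = serial_breach_probability(layer_probs)
    return common_cause + (1.0 - common_cause) * independent


if __name__ == "__main__":
    # Constructed per-layer breach probabilities for three mediocre mechanisms.
    layers = [0.3, 0.2, 0.5]
    print("serial (AND), independent:  %.4f" % serial_breach_probability(layers))
    print("weakest link (OR):          %.4f" % weakest_link_breach_probability(layers))
    # A 5% common-cause failure more than doubles the serial figure.
    print("serial with 5%% common cause: %.4f"
          % correlated_serial_breach_probability(layers, 0.05))
```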
Yes, I haven't mentioned defence in depth here. And as you say, serious real world applications are more than a single layer. But of course what we see with DiD is polynomial growth of complexity, so policy, monitoring, rebuild time and so much else gets hard to manage - upshot is someone, somewhere falls back to simpler configurations - and there's the entry point. But sure, thank goodness we've moved beyond a single blacklist firewall these days :)