THE MODEL
Organizes cyber defense into two groups: Asset Layers define WHAT you protect, Capability Layers define HOW you protect, operate, and improve.
ASSET LAYERS (WHAT)
1
DATA — Crown Jewel
2
INFRASTRUCTURE
3
IDENTITY — New Perimeter
CAPABILITY LAYERS (HOW)
4
SECURITY OPERATIONS
5
RESILIENCE & RECOVERY
6
TESTING & VALIDATION
6 • TESTING & VALIDATION
5 • RESILIENCE
4 • OPERATIONS
3 • IDENTITY
2 • INFRA
DATA
🔐
🔐
THE SIX LAYERS
1
DATA
Crown Jewel Protection
2
INFRASTRUCTURE
Networks & Systems
3
IDENTITY
New Perimeter
4
OPERATIONS
Monitor & Respond
5
RESILIENCE
Recover & Continue
6
TESTING
Validate & Improve
💡 KEY INSIGHT
"Attackers don't break in — they log in." Identity (Layer 3) has become the new perimeter in modern architectures. Each outer ring protects its inner ring, creating true defense-in-depth.