A security strategy that employs multiple layers of defense to protect a system. In ICS security, this means implementing a combination of physical security, network segmentation, firewalls, intrusion detection, strict user access controls, etc., so that if one layer fails, others still provide protection. For example, even if a firewall is breached (outer layer), an ICS might still be safe thanks to an internal allow-list.
