Skip to main content

Definition

Infrastructure Security covers the controls applied to the foundational systems that host applications, data, and workflows. It is the first letter of the I|S|P principle.

Scope

  • Network segmentation and firewall policy
  • Identity and access management at the host and service level
  • Backup, recovery, and disaster-readiness
  • Logging, monitoring, and anomaly detection

Why it comes first

AI capabilities, automation, and ERP systems all extend the operational boundary. If the underlying infrastructure has not been hardened, every new capability extends the exposure — not just the capability.