Layered security deploys multiple, independent security controls — if one fails, others remain. Each layer addresses different attack vectors.
No single control is sufficient. Example: email filtering catches most phishing; user awareness training catches more; EDR catches malware that gets through; network segmentation limits damage even if endpoint is compromised.