Defense In Depth. The principle is simple. Assume each layer of your security will be breached. Think about how to delay the attacker, how to increase their costs.

The more you can delay the attacker, the more you have a chance of observing and reacting before its too late.

The more you can shift cost from you (the defender) to the attacker, the more likely it is they will go elsewhere.