Six domains. One framework. The architecture of digital defense.
Hover or tap a ring to identify the domain. Click to jump to its section.
Geology (the planetary core)
The innermost domain. DPS protects the organization's most critical asset: its data. Encryption, classification, data loss prevention, backup and recovery, and data sovereignty controls. If an adversary reaches the core, it is game over.
Methodology
Sovereign Data Protocol (SDP)
"Your data lives where you decide. Period."
# PDM Through History: How Rome Defended Its Information The Planetary Defense Model organizes cybersecurity into six concentric domains: Data Protection and Sovereignty, Vulnerability and Surface Defense, Security Posture and Hygiene, Identity Access and Trust, Threat Intelligence and Defense, and
Google Cloud Platform (GCP) is the third-largest public cloud by market share and the fastest-growing major cloud platform, driven by strength in data analytics (BigQuery), machine learning (Vertex AI), and AI infrastructure (TPU-based compute).
Construction is the fourth most targeted industry for ransomware attacks globally. It is one of the least prepared.
Nonprofit security is the discipline of protecting mission-driven organizations from a threat landscape shaped by a paradox: nonprofits are simultaneously high-value targets and chronically under-resourced defenders.
Oceans
The ocean layer. VSD manages the attack surface: vulnerability scanning, penetration testing, patch management, attack surface reduction, and external exposure monitoring. The ocean is where external threats first make contact.
Methodology
Continuous Surface Reduction (CSR)
"Every surface you expose is a surface we eliminate."
Terrain
The terrain layer. SPH covers the ground truth of an organization's security: endpoint protection, configuration management, asset inventory, security baselines, and operational hygiene. Neglected terrain becomes the path of least resistance.
Methodology
Autonomous Posture Command (APC)
"Your posture adapts. Your hygiene never sleeps."
Civilization
The civilization layer. IAT governs who and what is allowed to operate: identity and access management, multi-factor authentication, privileged access management, zero trust architecture, and session controls. Civilization decides who is a citizen and who is an intruder.
Methodology
Zero Possession Architecture (ZPA)
"Trust nothing. Possess nothing. Verify everything."
Atmosphere
The atmosphere layer. TID is the detection and response capability: security operations centers, SIEM, threat hunting, threat intelligence, managed detection and response, and security monitoring. The atmosphere filters what gets through.
Methodology
Predictive Defense Intelligence (PDI)
"See the threat before it sees you."
Outer Space
The outermost layer. RGA is the strategic envelope: risk assessment, compliance, audit, policy, security awareness training, third-party risk management, business continuity, and cyber insurance. RGA ensures the organization has the structure to sustain defense over time.
Methodology
Perpetual Compliance Assurance (PCA)
"Compliance is not an event. It is a state."
Incident response spanning all six domains simultaneously. When a breach crosses domain boundaries, PCP coordinates the response across DPS containment, VSD surface lockdown, IAT credential revocation, TID threat hunting, and RGA regulatory notification.
Supply chain and third-party risk management across organizational boundaries. OAF extends the PDM beyond a single organization to evaluate and monitor the security posture of vendors, partners, and service providers.
The PDM categorizes adversaries into four types based on their origin and behavior. The entire model exists to prevent one outcome: an adversary reaching the core.
Aliens
External Threats
Nation-state actors, cybercriminals, hacktivists
Humans
Insider Threats
Malicious insiders, negligent employees, compromised credentials
Beasts
Malware Families
Ransomware, trojans, rootkits
Biology
Self-Replicating Threats
Viruses, worms, logic bombs