Knowns and Unknowns: What it Means to Shift from Prevention to Detection and Response
“We haven’t stopped huge breaches. The focus now is on resilience, with smarter ways to detect attacks and faster ways to respond to them.” MIT Technology Review, January 2016 There is a lot of talk about shifting the information security posture from a focus on prevention to greater emphasis on detection and response. In a world where you assume everyone is breached, the logical strategy involves rapid identification and containment. It doesn’t mean you stop patching vulnerabilities. It does mean that organizations need new tools, processes and, in many cases,…