Detect Unknown Threats. Reduce Dwell Time. Accelerate Response
Organizations must radically shift priorities, technologies, and resources. We have to acknowledge that in today's modern enterprise, we cannot rely on prevention based on static rules or prior knowledge. The vast majority of the security spend is still preventative and perimeter-based. Monitoring and response lag, and even the monitoring spend is today heavily weighted toward ineffective, incomplete approaches. Going forward, there needs to be a much more even split of resources across prevention, monitoring, and response. Without rebalancing these resources, it will become increasingly difficult to have the ability to detect a breach in a timely fashion and have the capability to respond fast enough to avoid loss.
See Also: The Global State of Online Digital Trust