Just an overall nice quote over at Journey into Incident Response for those over focusing on prevention to achieve 100% security…
“Prevention will fail and when it does, the last line of defense to thwart the threats we are up against is the IR process and its staff.” – @corey_harrell
Basically, it is never going to happen and so you need that incident response/management capability to detect the compromise as fast as possible and respond quickly in picking up the pieces. I’ve seen similar thoughts by various people in the information security community (@taosecurity comes to mind) but I like this form the best at this time.
(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under Infosec Blogs/Podcasts. [email protected]grecs)
Today’s post pic is from Geo Swan. See ya!