For many years, enterprise leaders have approached their network and systems defense strategies with a technology-centric focus: They approve of the acquisition of firewalls, anti-malware products and intrusion detection systems, and hire an IT team to oversee it all. Then, they conclude that they’re finished with the subject until they review progress/status in a year or so.
What they’re beginning to discover, however, is that these efforts – while serving a primary role within the strategy – aren’t enough. Cyber criminals are coming up with increasingly sophisticated and effective attack methods. As a result, organizations are “feeling the pain,” and the most recent annual Data Breach Investigations Report (DBIR) from Verizon has documented more than 100,000 incidents and 2,260 confirmed data breaches over the last year.