The reality of cybersecurity is that it is not a solvable problem. We cannot stop determined attackers from getting into systems. They’re too sophisticated and digital infrastructure is only becoming more complex. What we can do, however, is take necessary steps to minimize risk and disruption once attackers inevitably get inside. The sooner security leaders can accept that reality, the better.
Instead of focusing on preventing breaches, cybersecurity professionals should focus on improving security hygiene and resilience. More important than building up walls, organizations should prioritize minimizing costs, downtime and disruption in the case of an eventual cyberattack.