There is a very popular school of thought in the information security industry today that says attacks and breaches are going to happen. This logic suggests that we need to do more to plan our responses for when these happen, as opposed to devoting resources to trying to prevent these attacks. Jason Brvenik, VP of Security Strategy at Sourcefire responds, "fiddlesticks!"
While Jason acknowledges that some attacks will succeed, that does not mean that we should be any less vigilant in trying to prevent them. To sacrifice prevention resources to concentrate on response is a critical mistake, according to Brvenik.
This does not mean that you should stick your head in the sand, ignoring security response. In fact, planning your response to a successful attack has to be part of your security strategy. But, as Jason points out, there is so much you should be doing.
In this short 17-minute conversation, Jason gives us some practical advice on what we should be prioritizing and why, as part of our information security plans. Jason's long history in infosec and his view of the threat landscape as VP of security strategy at Sourcefire make his opinion one that you should listen to.
In the meantime, with the recent release of the 2013 Verizon Data Breach Report (pdf), exactly how widespread security incidents are and what is at stake is more clear then ever. Security is getting harder every day. As Jason says, in security the bad guys are not stupid. In fact, they are very smart. We need both prevention and response strategies as part of any successful security strategy.
Have a listen to the podcast and leave a comment. What do you think about the prevention versus response debate?
(If you don't see a streaming audio player below, reload the page)