IR (Incident Response) - A few good thoughts

Nice thoughts and a few good comments

From the Article:

• First, prevention and preventative security controls will fail. Prevention fails on a daily basis at many organizations; it will suffice to look at antivirus tools and contrast their 99%-plus deployment rates with widespread ongoing malware infection rates."
• "Second, detection also fails on a frequent basis. A copy of Verizon Data Breach Investigations Report reveals plentiful evidence of that."
• "What remains of the entire realm of information security. Only incident response."

"Thus, IR simply has to be there because this is where the security of an organization will fall after all else fails - and it will."

The link below has more information:

http://journeyintoir.blogspot.com/2014/04/holding-line.html