Of course, the other side of this dilemma is that these patches are all driven by the finding of vulnerabilities. So while a good chunk of your resources is tasked with testing and rolling out patches, another part of the team is out scanning and testing for vulnerabilities.
Scanning for vulnerabilities is not as easy as it used to be, either. With so many mobile and remote devices, they are not always on the network when you run your vulnerability scan. Tracking, scanning and testing for vulnerabilities can be a bigger job than patching. Between the two, you can rest assured that a substantial amount of your allocated budget and resources will be sunk.
Finally, remember even without the zero-day attack, and you stay on top of your vulnerability management and patching, the weakest link in your defense still sits behind the keyboard. Being socially engineered to giving up your password or installing some malware on your device could make all of your hard work and effort for naught.
So while patching and scanning is a form of job security for some and at the very least will keep you busy, it is not a cure for data breaches.
Myth: It's impossible to prevent breaches; I should just concentrate on response
There is a very prevalent trend in the security industry that says data breaches and security incidents are unstoppable. Instead of putting so many resources into preventing a data breach, the tendency is to put resources into incident discovery and breach response.
As the American General in the Battle of the Bulge replied when asked to surrender, "Nuts!" Giving up and not trying to stop data breaches is not and never will be a successful strategy. One hundred percent prevention of data breaches may not be possible, but it doesn't mean it is not worth trying.
There is obviously a balance that needs to be struck. We do need to discover security breaches as fast as possible. We do need a well-thought-out plan to respond to data breaches. However, let's be very clear that the balance must tip in favor of stopping data breaches where possible and reasonable.
Stopping data breaches from occurring totally-while a worthy goal-is probably not possible. However, data breaches are, by and large, acts of opportunity. Understanding how they occur and separating the truth from the myths can make your chances of being the next victim of a data breach much less likely. Insight into the state of your network, implementing even basic controls and management can decrease the likelihood that your network will be breached.
Sign up for Computerworld eNewsletters.