Analysis becomes one of the most useful tools in piecing together the most comprehensive strategies against and in response to attacks.
"Analytics are important in gaining insight and then leveraging action," Ramzan added.
"Security is always about visibility and control. With the cloud it becomes more paramount to use visibility for being able to understand what's going on across all IT points from end users to the cloud."
The idea is that security is not only about prevention, and focusing too much on prevention could open up greater risks. In addition to building those perimeters of prevention, organizations also need to develop strategies for detection and response.
"Don't inflate or conflate any of these comprehensive strategies," said Ramzan. The idea that technology alone can protect against criminal attacks is wishful thinking, he said.
"Organizations need to move past prevention alone. Look at who received what, who clicked, and what happened. Monitoring response is essential."
What's important to consider is that the criminals who are trying to hack into the network are looking for ways to infiltrate despite the defenses that organizations are developing. The fundamental principles of a balanced approach that includes prevention, detection, and response include the best offensive and defensive tactics.
Security is no longer about protecting the perimeter to secure what is inside. Extended networks mean more connectivity, so the extended network needs to be protected.
"The network is critical for defending against breaches," said Marc Solomon, Cisco's vice president of Security Marketing, "but as the Internet of Everything (IoE) expands, there will be more devices, and the extended network includes everything from data centers to clouds to end devices."
All of those pieces need to be considered in developing the strongest security.
If organizations are only looking at prevention, the attackers are looking towards where the organization is blind, said Solomon. Yes, the network is the core of an organization's security, but they should be looking at it holistically.
"Nothing is an end all be all. We are all human and we will all make mistakes," he said.
Spending money on awareness training is a good best practice because security is about a balance of prevention, detection, and response, Solomon added.
"Security is a series of attack vectors, on end users, and addressing that will help, but you're not going to solve the problem solely through awareness training."
Macbeth had murdered several men, including the king, before anyone suspected him of treason. That's not to suggest a trust-no-one approach, but a recognition of the fact that people with malicious intent don't advertise their criminal behavior. Thus, for most organizations, protecting their environments requires a variety of technologies.