Certainly, you have a security system or two deployed in your network. These systems, such as Intrusion Prevention Systems (IPS) or next generation firewalls (NGFW), alert you of suspicious activity on a daily basis. Furthermore, you are probably compliant to whatever your industry mandates such as PCI. Well so are your peers, which begs the question of why so many organizations continue to get breached?
I would posit this is another case of not keeping up with the times. Let’s face it, when was the last time you evaluated your security infrastructure to determine if it could withstand the most recent threats?