There's a trend underway in the information security field to shift from a prevention mentality -- in which organisations try to make the perimeter impenetrable and avoid breaches -- to a focus on rapid detection, where they can quickly identify and mitigate threats.
Some vendors are already addressing this shift, and some security executives say it's the best way to approach security in today's environment. But there are potential pitfalls with putting too much emphasis on detection if it means cutting back on prevention efforts and resources.
Clearly, rapid detection is gaining traction. Research firm IDC has designated a new category for products that can detect stealthy malware-based attacks designed for cyber-espionage ("Specialised Threat Analysis and Protection") and expects the market to grow from about $200 million worldwide in 2012 to $1.17 billion by 2017.
The thinking behind a shift in security approach is that it's impossible to keep out everything, so companies should focus on quickly detecting and mitigating threats. While it doesn't mean abandoning prevention, it suggests companies devote more resources to detection and remediation than they have in the past, with the understanding that breaches are going to happen.