Having an active system for preventing and detecting incidents, like breaches of security, is important in making sure you have effective information security. If someone, or your system, fails to prevent or detect these breaches then you won’t have a true measure on whether your information security is effective.
Just in networks alone, there are 5 different distinct types of security breaches:
The word “active” is important too. You need to be constantly on guard. You need to be constantly preventing incidents. You need to be constantly detecting if incidents occur.
In addition, you need to have transparency around doing this too.
Therefore, you need to implement a No Blame Culture. Easy to say but hard to get right. It’s human instinct to blame people for either failing to prevent security breaches or to detect the breach in the first place. You must stop blaming and work on encouraging reporting.
However, as soon as you go back to blaming, your system will fail. You have to keep working on it 24/7.
The goal is to have a true measure of the number of security breaches that your networks and systems are experiencing.