Chapter 17

Setting Reaction Strategy


There is no such thing as perfect security. You have to deal with incidents and, therefore, with response. Because defense itself is innately reactive. To defend is to respond to external forces, both operationally and philosophically. The reality of the situation is that no matter how well our defenses are designed, instrumented, implemented, maintained, and operated, attacks are bound to make their way through them. Being adaptive is defined by reaction. We need to get more comfortable with the idea that more is to be learned about success from failure. Training ourselves, our constituency, and our leadership to embrace such a culture shift can pose a real challenge.


Event; Executive sponsorship; ...

Get Advanced Persistent Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.