Assume breach

Due to the emerging threats and cyber security challenges, it was necessary to change the methodology from prevent breach to assume breach. The traditional prevent breach approach by itself does not promote the ongoing testing, and to deal with modern threats you must always be refining your protection. For this reason, the adoption of this model to the cybersecurity field was a natural move.

When the former director of the CIA and National Security Agency Retired Gen. Michael Hayden said in 2012(26):

"Fundamentally, if somebody wants to get in, they're getting in. Alright, good. Accept that."

During an interview, many people didn't quite understand what he really meant, but this sentence is the core of the assume breach approach. ...

Get Cybersecurity - Attack and Defense Strategies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.