10 INSPECTION

Inspection is the safeguard that allows security teams to preemptively stop attacks by finding the lurking “known unknowns”: The network breaches attempted or already achieved that you know are out there but don't know where. The Scientific Age was born when the technical elite of the day admitted that they didn't know as much as they should, challenged unproven assumptions, and actively looked to fill in the gaps in their knowledge. That concept transitioned from scientific methodology into national strategy when then–US President Reagan said succinctly, “Trust, but verify.” Whereas Reagan referred to using rigor—special sensors and multisourced analytics—to find things that weren't intended by our adversaries to be discoverable and ensure general adherence to weapons treaties, the same strategy and methodology should be used by any serious practitioner of cybersecurity. Rigor in inspection of potentially malicious cyber content—whether disguised in attachments to emails or hiding within legitimate traffic—is key to cybersecurity strategy.

Criminals have always used duplicity, manipulation, and subterfuge to gain access via phishing emails armed with malware-laden ...

Get The Digital Big Bang now with the O’Reilly learning platform.