Security is generally defined as protection from, or resilience against, potential harm caused by others by restraining or preventing their freedom to act and cause harm or inflict damage. According to CISA, cybersecurity is defined as the art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information.
“To maintain security when prevention fails, we must be able to rapidly detect and respond to malicious activity to prevent further damage or harm.”
In both cases above, we can see that if harm or damage can be prevented, that is the ideal situation. Any response to a threat, no matter how small, causes a disruption in our routine. It forces us to expend time, energy, attention, and other resources on things that could be better spent elsewhere. In this way, threat prevention is king and is where a fair amount of our time and other resources should be spent. An initial investment here will pay dividends down the road.
With prevention measures in place, it is critical to think of how prevention mechanisms work - and where they fail. Take a wall for example. When a person is walking down the street and encounters a wall, they know that wall is there to prevent them from moving forward and towards what is on the other side of it. People respectful of boundaries will stop at the wall. But not everyone is respectful of boundaries...
People that are not respectful of boundaries will look at the wall before them and ponder how they can get to the other side. Being bound by the laws of physics and geometry, there are only four ways to get to the other side - over, under, around, or through. To maintain security when prevention fails, we must be able to rapidly detect and respond to malicious activity to prevent further damage or harm.
Using a mugger or carjacker as an example, the sooner you are aware your personal boundaries are being encroached upon, the sooner you can take action to protect yourself or evade harm. Seeing a mugger or carjacker approaching from 100 feet away puts you in a better position than detecting them 10 feet away. At 100 feet away, you can run to maintain distance from the threat, hide behind a protective barrier, draw a weapon, fight, etc.
All the protective measures stated above become a lot harder to carry out when the threat is only 10 feet away. And it doesn't just become physically harder. But mentally and emotionally as well. It's not difficult to see how early threat detection and response becomes the ideal when threat prevention fails. Early threat detection with a response that gets desired results is how you become resilient to attacks and maintain security.
Simply out of economics, it makes the most sense to try to avoid conflict through prevention as it derails our attention and other resources from more important matters. But the indisputable truth is, not all conflict can be avoided. We cannot prevent every threat from reaching us. It is only a matter of time before they cross our path. When we can't avoid a threat through prevention measures, we need to be able to detect and quell it early so we can get back to doing the things that matter. And for this reason, prevention is king, but resilience is best.
Comments