There are three possible approaches to information security: reactive, proactive, and predictive.
- Reactive Information Security – Post incident detection, analysis, notification, containment, eradication, and remediation.
- Proactive Information Security – Avoiding or opposing threats against computers and networks through understanding the situation, assessing potential impacts, and implementing deterrence based on defensive methodologies.
- Predictive Information Security – Anticipating and predicting future threats and vulnerabilities based on strategic analysis, threat intelligence, and correlation of disparate datasets to protect the confidentiality, integrity, and availability of data and IT infrastructure.
It is better to be more proactive than reactive. It is even better to be more predictive.