The concept of networked systems survivability isn’t new, but it is finally starting to move from the obscurity of academia to become part of mainstream thinking. We believe it is time to move away from the old “zero sum” mentality, which naively suggests that all threats and vulnerabilities can be protected against. Instead, we view all environments as dynamic and in need of constantly-evolving analysis and protective measures. Defending against attacks is important, but so is monitoring, detecting, and responding to those attacks in order to minimize their impact.
Related to survivability is the concept of legal defensibility – the confidence to be able to declare in legal proceedings (after a breach or successful attack) that you did all that was reasonable in order to protect your systems. We help organizations look beyond compliance and toward a longer-term view that acknowledges that determined attackers will inevitably succeed. We help plan for the aftermath to reduce the overall negative impact of an incident.