If you've known us for very long, you know that our security program is based on the broad lifecycle of an attack. We love the NIST Cybersecurity Framework for its functions that cover the full spectrum, not just prevention. We know that prevention only programs are rarely successful and you have to be prepared to meet the attacker wherever they are in the attack lifecycle.
We do this through our SIEM (Security Information and Event Management) and MDR (Managed Detection and Response) platforms. These give us overlapping and customizable visibility into your environments and, to use a highly technical term, allows us to thwack the attackers early and before they can do much damage.
We've been doing this for several years and have known that it's a strong best practice. It's nice to see the governments of many countries (US, UK, Australia, Canada and others) backing us up.
If you have all your eggs in the preventative basket, our prayers are with you. If an attacker slips by you probably won't notice them until it's too late. Our clients, on the other hands, know that there's a good chance we'll catch the ones who slip through the cracks, quickly.
In fact, we had one just last week. We started seeing anomalous activity in an Office 365 account of a financial industry client. Because we had that visibility, we could push them out before they did any damage.
We investigated and were able to see that the attacker was still staging the attack. We promptly kicked them out before they could do anything bad and returned access to the rightful owner. When we told the client, their response was, "I'm glad you're on that wall!"
It's 2025. If you don't have visibility into your environment, why not?
If you've looked into controls beyond preventative before, you probably through they were too complicated to implement. You aren't wrong, detection controls take a lot of maintenance and monitoring to be effective. They are certainly not "set it and forget it" type controls. You don't have to go it alone, though. We may know someone who can help you out.