out widely that "digital security tends to rely wholly on prevention:
cryptography, firewalls and so forth. There's generally no detection, and
there's almost never any response or auditing."

Schneier's statement about the relationship between prevention, detection
and reaction is very important. The reason it is important is that most
companies are focusing on e-commerce security by spending money to develop
firewalls, filtering, etc., but if someone is successful in getting past
those defenses, very few organizations will know about it.

This is like putting steel bars on your patio sliding doors, hoping your
house will not be broken into, but not knowing whether or not someone has
snuck in through a basement

Security doesn't work if you cannot determine whether it is working!!!

Countermeasures are what you do once you discover precisely how you have
been negatively affected by a threat.