Many organizations are thus shifting their attention and resources to mitigation - limiting and stopping attacks in progress - and to business continuity and recovery.
A recently released study by accounting firm EY entitled “Global Information Security Survey 2013” documented this change of cybersecurity focus. The report found that 51% of corporate executives surveyed had set their 2014 information security priorities in business continuity and disaster recovery, eclipsing their focus of 13% on information security risk management.
In other words, if the beach cannot be held, retreat to the next line of defense.
