Recently a blog reader asked to enlist my help. He said his colleagues have been arguing in favor of building perfectly secure systems. He replied that you still need the capability to detect and respond to intrusions. The reader wanted to know my thoughts.
I believe that building perfectly secure systems is impossible. No one has ever been able to do it, and no one ever will.
Preventing intrusions is a laudable goal, but I think security is only as sound as one's ability to validate that the system is trustworthy. Trusted != trustworthy.
Even if you only wanted to make sure your "secure" system remains trustworthy, you need to monitor it.
Since history has shown everything can be compromised, your monitoring will likely reveal an intrusion.
Therefore, you will need a detection and a response capability.
If you reject the notion that your "secure" system will be compromised, and thereby reject the need for incident response, you still need a detection capability to validate trustworthiness.
What do you think?