Cybersecurity needs more prevention and less reliance on cure
Cybersecurity needs more prevention and less reliance on cure
Publish Date: 2026-07-15 05:04:00
Source Domain: www.csoonline.com
The limits of a detection-first model
When we gather for industry forums like the RSAC Conference, the topics include automation, AI-driven response and operational resilience. These are certainly important, but they have limits. Detection produces false positives and noise. The volume of alerts begins to outpace human capacity to sift through it for the genuine issues. Alert fatigue is real, and talent shortages continue.
We observe that the ratio of detection tools versus prevention tools is getting bigger. RSAC Conference runs the largest startup competition in cybersecurity. Over the past three years more than 500 new cybersecurity companies have entered the competition, and we estimate that more than 70 percent of these companies are shipping detection tools, not prevention tools.
Detection activates only after a failure has occurred, and unfortunately modern adversaries now operate at machine speed. Vulnerabilities are attacked through automation, and artificial intelligence generates phishing campaigns at a massive scale.