How will you monitor for unknown threats?
The threat model is constantly changing. One of the most challenging security problems is establishing capabilities that help organizations identify emerging or "zero-day" threats. These are threats that have not been previously identified and, therefore, are not easily detected using traditional signature-matching techniques that rely on prior knowledge. The security management platform and MSSP services need to provide baseline information; however, responsibility ultimately falls on the customer to diligently monitor their own network as well as the threat landscape to identify and track the latest network attacks.
This was first published in July 2008.