"Knee-jerk reactions are only natural but there is the law of unintended consequences. The key here is consistency, and that means automation and a systems approach. Computers are better at reading phonebooks so automation avoids errors which are all too easily overlooked in a checklist approach, or if manually having to read reams of vulnerability scan data. Secondly, it’s a matter of visibility; you cannot secure what you cannot see. Having end-to-end network visibility is the only way to truly understand your attack surface. There’s a lot of truth in the saying 'Sunlight is the best disinfectant'. Think about this as the 80/20 rule of security controls - the outgoing director of UK’s GCHQ put it best saying that '85% of the problem is addressed by better doing what you already know how to do.'
"The lesson learned here, and I think the Verizon 2012 Data Breach report hit the nail no the head when it said that 97% of all data breaches could have been avoided by the consistent implementation of simple or intermediate controls. I contend there are, and will always be, three key elements to fixing this and all such vulnerabilities - visibility, consistency and management."