The recent GigaOm report (below) does a good job of highlighting some proactive measures organizations should consider integrating into their security strategies. Some examples include identifying the adversary and raising the cost to attackers. It also discusses embracing next-generation security tools designed to combat targeted cyberattacks by leveraging heuristics, big data analytics, and threat intelligence.
Simply put, an active defense is an absolute necessity considering today’s threat landscape. However, although real-time detection is good, protection that works even without detection is even better. With this in mind, organizations need to invest in securing their systems against completely unknown and unanticipated attacks. This only happens when attack surfaces remain isolated from the machines AND networks to prevent spread of the contagion. Coupling this with an automatic reset of the environment to a known good state ensures the removal of even undetected infections and penetrations.
Additionally with even more targeted attacks and malware that will only trigger against the intended target, managing who can see your identity is an important step to effectively preventing many attacks entirely.