* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [CSO Perspective](https://www.paloaltonetworks.com.au/blog/category/cso-perspective/)
* National Cyber Security A...

# National Cyber Security Awareness Month: There Is Something New To Talk About

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F10%2Fnational-cyber-security-awareness-month-there-is-something-new-to-talk-about%2F)  
[](https://twitter.com/share?text=National+Cyber+Security+Awareness+Month%3A+There+Is+Something+New+To+Talk+About&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F10%2Fnational-cyber-security-awareness-month-there-is-something-new-to-talk-about%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F10%2Fnational-cyber-security-awareness-month-there-is-something-new-to-talk-about%2F&title=National+Cyber+Security+Awareness+Month%3A+There+Is+Something+New+To+Talk+About&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2015/10/national-cyber-security-awareness-month-there-is-something-new-to-talk-about/&ts=markdown)  
\[\](mailto:?subject=National Cyber Security Awareness Month: There Is Something New To Talk About)  
Link copied  
By [Rick Howard](https://www.paloaltonetworks.com/blog/author/rick/?ts=markdown "Posts by Rick Howard")  
Oct 19, 2015  
5 minutes  
[CSO Perspective](https://www.paloaltonetworks.com/blog/category/cso-perspective/?ts=markdown)  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)  
[Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown)  
[National Cyber Security Awareness Month](https://www.paloaltonetworks.com/blog/tag/national-cyber-security-awareness-month/?ts=markdown)

### Executive Summary

On the occasion of the 12th U.S. National Cyber Security Awareness Month, threat prevention comes to the forefront as something that the community has rediscovered as a security innovation. We used to do this as a matter of course, but sort of lost our way for a while. Today, smart network defenders have learned that threat prevention is inextricably linked to detection and mitigation. You should not have one without the other two.

### Introduction

Twelve years ago, the Department of Homeland Security designated October as National Cyber Security Awareness Month for the United States. \[1\] When I noticed that this year's installment was approaching, I began to wonder if there were any new developments in the cybersecurity community of which most people were not aware. Part of my job is to travel around the world talking to smart people about how they do security, and it has been an education these past two years. Every network defender whom I talk to does it differently, and they all have good reasons why they are different. But the one thing that is clear to me is that most do not realize that there is a quiet revolution going on right under their noses. The cybersecurity community is rediscovering the idea that threat prevention is an atomic piece of the overall defensive strategy for any organization.

### A Little History

When I started in the industry some 25 years ago, all we had in our toolbox was threat prevention controls: stateful inspection firewalls, intrusion detection systems and antivirus engines to name a few. Sometime in the mid-2000s, innovative companies started selling some very good niche products that could detect adversaries once they had breached the typical threat prevention defenses that we all had deployed in our networks. Some of these new tools were very good and we started finding all kinds of bad guys in our systems.

In 2010, state-sponsored cyber espionage adversaries attacked Google, and for the first time in history, a commercial company went public with the information. \[2\] Before the Google attacks, referred to as Operation Aurora in the press, no commercial company would dare go public with the fact that a cyber adversary had been successful in breaching their network. Common wisdom in the industry at the time was that such an admission would wreck the bottom line of the company by hurting the brand name. But with Google's public admission and a plethora of state-passed, public breach notification laws on the books that came later \[3\], it seems that you can't get through a week of cybersecurity news today without one or two companies announcing they have been breached.

Somewhere between the Google attacks and today, the security vendor community threw up their hands in dismay and declared that it was not possible to prevent bad guys from penetrating our networks. Our only hope, they would say, was to quickly detect them, once they were successful, and eradicate them from the network as soon as possible. The security vendors seemed to declare that threat prevention was dead, and our only hope was detection and mitigation.

That is the dumbest notion I have ever heard.

### Threat Prevention as a Rediscovered Innovation

We can absolutely stop most of the known badness that black hat adversaries throw at our networks. We can't stop all of it, for sure, but we can stop most of it. As a network defender, why would you leave that option off the table to simply rely on a detection and mitigation strategy? That obvious question has started to pop up on the radar of many network defenders whom I have talked to this year.

My CTO, Nir Zuk, is fond of saying that, if you are okay with the idea that some adversary will steal your most precious secrets right out from under your very noses, and your risk mitigation plan involves noticing that they were there after they are gone, then you should probably consider another line of work. \[4\] And he is absolutely right. When you say it out loud like that, you realize how crazy that sounds.

What I have noticed this past year is that the cybersecurity community has come back around to this notion that threat prevention is a key and fundamental element to any network defender's plan. It has to work hand in hand with the other two requisite pieces: detection and mitigation, but it cannot be left out. All three are essential to the plan, but none are sufficient by themselves. Smart network defenders have never abandoned this idea. The rest of us are just now rediscovering it.

### Conclusion

As I reflect on the state of cybersecurity during this 12th U.S. National Cyber Security Awareness Month, threat prevention comes to the forefront in my mind as something that has been old in the past but is new again today. As I travel around the world talking to smart people about security, this is what they are talking about: threat prevention is key and essential to any defensive program. It is as important as detection and mitigation but, more to the point, network defenders should not choose one over the other. They are inextricably linked together.

### Sources

\[1\] National Cyber Security Alliance. 2015. "National Cyber Security Awareness Month," *StaySafeOnline.org.* Last Visited 28 September 2015.  
[https://www.staysafeonline.org/ncsam/about](https://www.staysafeonline.org/ncsam/about)

\[2\] Zetter, Kim. 2010. "GOOGLE HACK ATTACK WAS ULTRA SOPHISTICATED, NEW DETAILS SHOW." *Wired* . Last Visited 28 September 2015.  
[http://www.wired.com/2010/01/operation-aurora/](http://www.wired.com/2010/01/operation-aurora/)

\[3\] National Conference of State Legislatures. 2015. "SECURITY BREACH NOTIFICATION LAWS." *National Conference of State Legislatures* . Last Visited 28 September 2015.  
[http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx](http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx)

\[4\] Zuk, Nir. 2015. "Only a Platform Can Prevent Attacks." *Ignite 2015, Palo Alto Networks* . Last Visited 28 September 2015.  
[https://www.paloaltonetworks.com/blog/2015/05/nir-zuk-at-ignite-2015-only-a-platform-can-prevent-attacks/](https://www.paloaltonetworks.com/blog/2015/05/nir-zuk-at-ignite-2015-only-a-platform-can-prevent-attacks/)

*** ** * ** ***

## Related Blogs

### [AI Governance](https://www.paloaltonetworks.com/blog/category/ai-governance/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

[#### AI, Quantum Computing and Other Emerging Risks](https://www.paloaltonetworks.com.au/blog/2025/10/ai-quantum-computing-emerging-risks/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

[#### Top Three Ways Organizations Were Unprepared for Cyberattacks in 2023](https://www.paloaltonetworks.com.au/blog/2024/11/top-three-ways-organizations-were-unprepared-for-cyberattacks-in-2023/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown)

[#### GenAI in Cybersecurity --- Threats and Defenses](https://www.paloaltonetworks.com.au/blog/2024/10/genai-in-cybersecurity-threats-and-defenses/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Better Together With IBM and Prisma Cloud Compute Edition](https://www.paloaltonetworks.com.au/blog/cloud-security/better-together-ibm-prisma-cloud/)

### [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Automating Visibility and Protection for Cloud VMs](https://www.paloaltonetworks.com.au/blog/cloud-security/automating-visibility-protection-cloud-vms/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Computing](https://www.paloaltonetworks.com/blog/category/cloud-computing-2/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/cloud-security/category/partners/?ts=markdown)

[#### Prisma Cloud Secures Containerized Apps on AWS-Optimized Bottlerocket](https://www.paloaltonetworks.com.au/blog/cloud-security/secure-containerized-app-aws-bottlerocket/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language