
It’s appropriate, I suppose, to think of Quest’s list of 10 ways to boost security as layers: Strategy and guiding principles first, then infrastructure basics you may not have considered much. And now a couple of layers that address some of what are sure to rank among 2012’s imminent threats …
#5 Deploy computer security incident response capabilities to better address advanced persistent threats.
Too often, attacks and breaches take weeks, months, and even years to be uncovered. According to Verizon’s 2011 Data Breach Investigations Report (which includes information from the U.S. Secret Service and the Dutch National High Tech Crime Unit as well as Verizon’s information), 38% of data breaches aren’t discovered for weeks, and 36% aren’t discovered for months.
Your incident response should have the ability to:
- Produce, collect, and query as many logs as possible from a security perspective
- Conduct deep packet inspection at all the important choke points on your network
- Quickly query network connections across all network choke points
- Analyze malware
- Enable trusted relationships with other organizations to share intelligence on events
#6 Encrypt your data when it’s in transit (e.g., emailed) and when it’s ‘at rest’ (stored)
Pay special attention to encrypting data on mobile devices and flash drives. In a world in which it can be difficult to physically secure all access to networks, strong encryption can delay the exposure of sensitive data when other security measures have failed.
Encryption capabilities are built into many security tools and services, but it’s important to create and enforce policy requirements that specify the encryption of sensitive data.

