David Stonehill, NetLib Security CTO, issued the following open letter:
STAMFORD, Conn., March 23, 2026 (GLOBE NEWSWIRE): Over nearly two decades, the industry has focused on detection. We’ve sought faster alerts, better dashboards, more telemetry, and smarter analytics. We’ve utilized AI to minimize response times and bring us new insights. On the surface, it seems like we’re doing the right things.
Yet breaches are larger, faster, and more dangerous than ever before.
The uncomfortable truth is this: We are very good at detecting compromise. However, we have not been equally disciplined in preventing its consequences.
Artificial intelligence has transformed intrusion by shortening attack timelines and making it easier for adversaries to breach systems. Ironically, it has made compromise scalable.
In that environment, detection speed is not the key control. The outcome is. If attackers gain access, which statistically they will, is the data they exfiltrate usable?
The answer is, if that data has value, then the breach is a success, regardless of how quickly you detect it. If it is encrypted and controlled centrally, however, the economic impact shifts. That distinction is now practical.
For years, encryption has been viewed as a compliance requirement. It was just a checkbox, a line in an audit, or an extra feature layered onto existing systems. That mindset is outdated. Encryption must be foundational. It should be required, governed centrally, and treated as infrastructure, not as insurance.
Too often, after a breach, consumers get a notification letter and an offer for one year of free credit monitoring. That is not protection; it’s a band-aid. The industry’s job is not to respond more elegantly to exposure. It is to lower the chances that exposed data can be exploited in the first place.
Layered security is important, as is detection, and response time. But layers that do not change the eventual outcome are incomplete.
RSA, the leading security conference every year, is over now. The conversations shouldn’t be. As we continue down this road together, we must ask a tough question: Are we building better alarms, or are we building systems where stolen data is worthless?
The uncomfortable truth is we’ve gotten very good at detecting breaches. We’ve gotten far less effective at limiting their impact.
This is not a dismissal of detection-first strategies. It recognizes that in the AI era, detection alone is not enough. Breaches may be unavoidable, but catastrophic data exposure is not.
Encryption is not optional. It never was.
David Stonehill
CTO, NetLib Security, Inc.