As cybersecurity attacks become more and more prevalent, executives and government officials recognize that more must be done to protect networks, data, and services from malicious attacks. Example data breaches over the last decade include:                77 million customer records and possibly payment card information were stolen in April 2011;        152 million names, customer IDs, passwords, encrypted payment card information, and source code were stolen in October 2013;        110 million customer records, and credit and debit card numbers were stolen in December 2013;        78.8 million records that included personal data and Social Security numbers were stolen as announced in February 2015; and        −15 million customer records were stolen as announced in October 2015.        
In most of these cases, sophisticated attackers targeted the companies and organizations and their most sensitive data. The security strategies used in the past are increasingly less effective against these new types of attacks. Many tools and security processes have been more focused on prevention than on detection and response, and attackers are taking advantage of the fact that organizations are not finding indicators of compromise within their environments soon enough, nor are they responding to these incidents and removing them quickly enough.