This smart guy (no surprises that he is a CTO) finally clears a long-standing confusion about ‘proactive security’ vs ‘reactive security’. Oh my, so many marketing dollars spend convincing consumers that solution X is so totally proactive, unlike the shabby solution Y which is only reactive :-)
But what does it mean, really? This: “If your product or service’s primary value proposition is independent of incident or loss, you are proactive. If the primary value is at time of incident or post-incident, you are reactive.” It seems that there is no better way of saying it!