You have to assume they're going to get in.
So, the art form here [i.e. dealing with the current attack landscape] is to figure out who's in your network, good or bad, figure out what they're doing, identify whether it is consistent with or contrary to all the policies you have to put in place to protect all of your information and systems. And, finally, once you determine if somebody is in there and doing something that you don't like ... figure out how to stop it, and figure out how to stop it quickly so that they don't do more than acceptable levels of harm. That's a new model; that's an entirely new prospect, and it requires new kinds of skills, new monitoring and controls technologies and new kinds of responses.
-- Preston Winter, former NSA CIO
Src: Living with IT Security Breaches | BankInfoSecurity.com