Cybersecurity has always been anchored by incident prevention technologies like AV software, firewalls, and IDS/IPS systems. CISOs need to adopt processes and controls for advanced prevention. Advanced prevention is dynamic as it changes based upon new threats, vulnerabilities, use cases, and business process requirements. NAC can be used to check the health of endpoint devices, restrict users and endpoints to specific applications and services, and quarantine systems that exhibit suspicious behavior. Network segmentation has the potential to limit the attack surface dynamically and substantially.”]
Source: https://www.csoonline.com/article/2940560/enterprises-need-advanced-incident-prevention.html