Companies using detect and respond as a security strategy are getting hacked at an increasingly alarming rate. We have more cybersecurity companies and products on the market than ever. So why are the numbers of successful attacks increasing and not decreasing? Why are the four key paths leading to compromise: Credentials, Phishing, Exploiting vulnerabilities, and Botnets still increasing? These four pervade all areas of the Verizon DBIR. Why don’t companies have a plan to handle them all? Why are ransomware attacks increasing by 13% last year for a total of 25% this year overall? Why hasn’t the $140 Billion security industry been able to solve or even slow the growth of attacks? What is the answer? Can we look at other more mature industries to solve this challenge?