Do your best. Be prepared for the worst.

"This book is about preparation for compromise, but it's not a book about preventing a compromise. Three words sum up my attitude towards stopping intruders: prevention eventually fails. Every single network can be compromised, either by an external attacker or by a rogue insider. Intruders exploit flawed software, misconfigured applications, and exposed services. For every corporate defender, there are thousands of attackers, enumerating millions of potential targets. While you might be able to prevent some intrusions by applying patches, managing configuration, and controlling access, you can't prevail forever. Beleiving only in prevention is like thinking you'll never experience an automobile accident. Of course, you should drive safely, but it makes sense to buy insurance and know how to deal with the consequences of collision."

(Richard Bejtlich, The Tao of network security monitoring: Beyond intrusion detection, Preface, p.XIX)