This week, in response to the OPM breach, Chris Carpenter, the Security Director at the Office of the Secretary of Defense called for an emphasis on detection and response capabilities.
The reason, Carpenter noted, is that there is a clear window of opportunity within which to find attackers inside the network and cut off their access before they have a chance to exfiltrate data. This is backed up by the fact that the vast majority of breach disclosures note that the attackers had been inside for a period of time prior the data exfiltration.