Are we ready?
Ready for what? For an incident of course! As I already mentioned in the first part of this series, if some of the world's largest corporations, security vendors, and intelligence agencies have suffered security breaches, the probability that your security program will be the exception is very low. So while you should do everything that is reasonable and prudent to prevent an incident, you should also ensure that you have appropriate processes in place to deal with an incident when, not if, the inevitable occurs.