With massive data breaches occurring on a regular basis, network security is in a constant state of flux. As attackers get smarter, so too does the technology working to prevent unwanted attacks. Because of this, changes in strategy and technology are becoming the norm. This is supported by recent ESG research that revealed that more than half of respondents expect network security to be one of the areas in which their organization will make the most significant network infrastructure investments over the next 12 months. This creates an interesting IT security paradox. How can anyone expect to have an ideal network security strategy based on well-established policies, processes, and technologies when they are constantly changing?