Is there a secret cord? A secret magic sauce that helps some Information Security Teams succeed and others to be constantly struggling? You bet there is!
It is always about the people. Having a dedicated security staff members that cares and is the subject matter experts for the products, technologies and processes is invaluable. A champion to make sure all open projects are executed and completed.
No secrets! Important to have well defined documentation. If using a Managed Security Service they can help with this. Write out everything so that anyone can do the same job and similar incidents can be easily catagorized.
If don’t have the people, get the people. Get part time people, get Managed Security Services. Utilize companies that specialize in Information Security Services that are responsive and have multiple security engineers to pull from.
With constant vigilance and due dilgence you can do this!