This lifecycle, shown above, represents the phases necessary to initially develop and then maintain an effective protection strategy and response mechanisms. Each phase provides a building block and the lifecycle is meant to provide for continuous improvement as the computing environment and threats evolve.