A recent NIST publication, Revision 4 of a document titled “Security and Privacy Controls for Federal Information Systems and Organizations,” lays out this strategy of “baked-in” broad-based security as opposed to patching systems for each new threat as it comes along.
Read more here: http://gcn.com/articles/2013/05/02/it-security-strategy-focus-on-systems-not-threats.aspx