A security measure invalidation prevention device (100), having: an acquisition unit (135) for acquiring invalidated security point information relating to an invalidated security point that, from among security points having a measure function for performing a security measure for a node connected to a network, the measure function is invalidated; a determining unit (136) for determining, on the basis of the invalidated security point information acquired by the acquisition unit (135), whether or not a security event addressed by the measure function of the invalidated security point exists; and an extraction unit (137) that, when it is determined by the determining unit (136) that the security event exists, extracts a security point to which the measure function of the invalidated security point can be shifted.
展开▼
