If you think looking for a needle in a hay stack would be tough, imagine looking for a needle in a needle stack. Not just any needle, but a very specific needle that could stop a cyber attack or prevent a data breach. In the Information Age, every organization is saddled with needle stacks, or more specifically, copious amounts of data. Businesses must collect, analyze, and learn from data if they wish to compete. Data is also critical for CISOs. Logs provide CISOs a critical view into the thousands or even hundreds of thousands of daily activities occurring on their networks: a badge scan, a downloaded file, a failed attempt to access the network, and so on. The problem begins when you have to isolate one of these logs. CISOs learn quickly that there is such a thing as “too much data.” So, what data should CISOs collect? The answer is liberating in its simplicity: collect only the data needed to do the job effectively. If CISOs are uncertain of which data they need, they better develop an affinity for needle hunting.
I recently moderated a panel in Chicago and asked CISOs about their perspectives on the CISO role, including challenges and opportunities. In this video, two panelists discuss the burden of extensive data collection.
CISO Perspectives is a complimentary resource for cybersecurity professionals featuring insightful viewpoints, best practices, and sage career advice from a cross section of CISOs. These videos and blogs are proudly offered by Accellion, the leader in secure email and secure file sharing for mitigating third party cyber risk.
*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Joel York. Read the original post at: https://www.accellion.com/blog/successful-cisos-use-this-essential-tool-sparingly/