Log Thy Data
August 07, 2015
Security is in need of a data driven transformation. It’s not uncommon for organisations to take tactical, operational and strategic decisions or actions about security without the data to back them up. What’s more, with security breaches and threat campaigns littering our news feeds on a regular basis, there is perhaps an uncomfortable focus on security teams to answer the Board’s question, “How secure are We?”, with something a bit more credible than “yeah, we’re good. I haven’t read about us in the news today… have you?”.
O.K. this sounds a little flippant but you get the point, questions are asked of security teams at all levels and part of that answer has to come from an analysis of the available data. It’s right there, flowing around your network,just tap into it and away you go. But therein lies the problem. Too often, data is seen as something that needs to be managed, moved, filtered, compressed, stored or deleted instead of something to be analysed, reported, visualised and loved.
At Panaseer we love data and as we set about building a platform that enables multiple security data analytics missions, we plan to use this blog to document our thoughts and findings along the way. It is no use to us if the community isn’t ready to embrace a data driven approach to security. So sit back, and as the weeks unfold we will explore how we use security data to support those different missions. Whether that’s for investigating, detecting or reporting on security, we aim to get you thinking about where your data sits, what data you are logging and how it could be used to help you achieve your objectives and improve security. We will also be lifting the lid on some of the technology we’re playing with, so you’ll be hearing from the CTO and his team, and if you are lucky we might even give you a sneak peak in to how our platform is developing.
To some readers this will be old news but our experiences tell us that we are just on the cusp of data driven security, particularly here in the UK. But irrespective of your position we welcome discussion around these topics. So here we go… First instalment coming next week.