Cygilant Blog

Cybersecurity Experts Discuss: Data is King

Posted by Steve Harrington on Oct 15, 2020

We recently spoke with Ben Harrison, Director SOC and Security Services at Cygilant, and Jake McCabe, CISSP, Presales Director at LogPoint, about 10 steps to cybersecurity. Here we summarize their conversation on why data is king.

 

The volume of data we must analyze to stay secure is increasing substantially. At the same time, the tooling and systems that support cybersecurity are not increasing at the same rate. Now we have a situation where every single device is an endpoint and nothing can be secured by a solid boundary. We are collecting logs from pretty much everywhere, from far more sources than we are used to.

 

As a result, we need to look to data scientists and analysts for new techniques to create insights from security data. This includes a key activity - threat hunting. We need to dig deep into security data to identify elements that an automated tool may have missed. 

 

A SOC spends the majority of its time analyzing security data. Data must be collected, analyzed, and understood so that it can drive outcomes. But there is no point in creating reports or graphs that don’t offer meaningful insights. You need to know what actions to take, such as creating new alerts or patching an OS. Data is noise without context or direction.

 
