In episode 51 of the Cybersecurity Minute, Rob Wood explains the benefits of data centralization for security professionals.
This episode is sponsored by Acceleration Economy’s Digital CIO Summit, taking place April 4-6. Register for the free event here. Tune in to the event to hear from CIO practitioners discuss their modernization and growth strategies.
Highlights
00:24 — Security professionals consume and produce lots of data, says Rob. Examples include logs, vulnerability data, and compliance artifacts. Typically, that data ends up grouped into different buckets and goes into particular systems like security information management (SIM) and governance, risk, and compliance (GRC). Data also ends up in application performance monitoring (APM) tools.
01:07 — The different buckets can work well from a usability standpoint, but issues may arise if there are security incidents or other issues that span different layers of a technology stack.
01:34 — Security tactics like threat hunts become difficult in these situations. To avoid the challenge of threat hunting when data is in different buckets, Rob suggests security teams look for opportunities to centralize security data. There are data tools (not always labeled security tools) in the marketplace that can help in this centralization.
02:05 — Rob concludes by pointing out that the benefits of data centralization go beyond threat hunting: Centralizing data leads to stronger governance, access control, and data use and consumption.
Want more cybersecurity insights? Visit the Cybersecurity channel:
