How Much Log Data Is Enough?
Defense in Depth
English - March 04, 2021 11:00 - 25 minutes - 20.2 MB - ★★★★★ - 64 ratingsTechnology News Tech News ciso cisoseries cybersecurity informationsecurity infosec security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
All links and images for this episode can be found on CISO Series
https://cisoseries.com/defense-in-depth-how-much-log-data-do-you-need
You're a CISO struggling with an influx of log data into your SIEM. What's the data you want to keep, and for how long? You want insights, but you also want to keep costs down. Holding onto everything is going to cost a fortune.
Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Steve Zalewski, deputy CISO, Levis, and our guest Naomi Buckwalter (@ineedmorecyber), director of information security and IT at Beam Technologies .
Thanks to our podcast sponsor, TrustMAPP
Does your board want to see yet more heat maps? No, they do not. They want to see that security investments align with business goals, and that their costs are objectively justified. TrustMAPP’s data visualization helps you communicate with your board in a way they can understand – and approve.
In this episode
So, what is the sweet spot for retaining log files? 90 days? 1 year? Should you categorize according to business criticality? How do you separate the "junk" from the valuable data?