If you think looking for a needle in a haystack would be tough, imagine looking for a needle in a needle stack. Not just any needle, but a very specific needle that could stop a cyber attack or prevent a data breach. In the Information Age, every organization is saddled with needle stacks, or more specifically, copious amounts of data. Businesses must collect, analyze, and learn from data if they wish to compete. Data is also critical for CISOs. Logs give CISOs a critical view into the thousands or even hundreds of thousands of daily activities occurring on their networks: a badge scan, a downloaded file, a failed attempt to access the network, and so on. The problem begins when you have to isolate one of these logs. CISOs learn quickly that there is such a thing as “too much data.” So, what data should CISOs collect? The answer is liberating in its simplicity: collect only the data needed to do the job effectively. If CISOs are uncertain which data they need, they had better develop an affinity for needle hunting.
CISO Street moderated a panel in Chicago last year and asked CISOs about their perspectives on the CISO role, including challenges and opportunities. In this video, two panelists discuss the burden of extensive data collection.