An Intellyx Whitepaper for LogRhythm by Jason English, Partner & Principal Analyst
On the geopolitical stage, whenever there’s a major failure to prevent a destructive act of terrorism or state aggression, government agencies and officials will say ‘we just didn’t have good enough intelligence at the time.’
In cybersecurity arenas, that same alibi is applied. When security analysts fail to spot an emerging cyber threat, it is often chalked up to not having enough intelligence about what is going on inside the company’s application estate to gain awareness of the problem.
Both failure scenarios have a common thread, in that a lack of data is seemingly the source of the problem, even when there were plenty of warnings and indicators that went unnoticed ahead of the threat.
For enterprise cyber teams, just getting more log data is no longer enough.
Now the cloud security frontier is about what you do with so much data.
Within cloud deployments, SaaS packages and API services, there are too many sources of logging and real-time event data coming in for mere mortals to make sense of it all.
Cybersecurity groups are eternally understaffed. Even with some recent tech layoffs, skilled security analysts are almost never considered redundant, and most companies still have 40 percent or more of their open positions in these groups unfilled.
That’s why savvy companies are recruiting development and IT operations professionals as additional front line agents in a clandestine battle against determined attackers that get more sophisticated every day.
This paper will discuss how both scrappy startups and forward-thinking enterprises are moving SecOps work out of the datacenter to leverage the scalability and reach of cloud-based platforms for better visibility and insight into emerging threats.