4.5 Data Overload! Handling the Mountain of Data Needed to Detect a Cyber Intrusion
As an IT auditor, it can be overwhelming to understand all the sources of data that cybersecurity teams need to help them detect a potential cyber breach of an organization. More so, how do you audit whether the organization has the correct practices in place to be successful in detecting that potential intrusion? Indicators of compromise, behavioral analytics, log management, endpoint data, threat intelligence and so on. This presentation will outline where these various sources of data come from, how they are useful, and how to maintain their fidelity, and will give an overall understanding of how to assess this during an operational cybersecurity audit while avoiding data overload.