Monday 27 September 2021, 11am-12noon (BST)
IBM industry analysis shows the average time to identify and contain most breaches is 256 days. This raises a few questions on typical cybersecurity log management:
- Why do we retain data for less than the average time to identify and contain a breach?
- If you only keep 90 days of data, how can you retroactively threat hunt in logs to find emerging IoCs that may have existed in your environment many months ago?
Explore why a cloud System of Record (SoR) offering has significant advantages in the interests of extensive backwards cover and end-to-end timeline visibility. Discover how you can ensure as many raw logs as possible are available for as long as possible, and the best way to maintain your chain of custody and protect your log data from threat actors driving ransomware.
Chaired by
Martin Smith MBE, Founder and Chairman, The SASIG
Presented by
Ian Morris, Co-Founder and CEO, Secrutiny