Defense in Depth: How Much Log Data Is Enough?

You’re a CISO struggling with an influx of log data into your SIEM. What’s the data you want to keep, and for how long? You want insights, but you also want to keep costs down. Holding onto everything is going to cost a fortune.

Check out this post for the basis for our conversation on this week’s episode which features me, David Spark (@dspark), producer of CISO Series, co-host Steve Zalewski, deputy CISO, Levis, and our guest Naomi Buckwalter (@ineedmorecyber), director of information security and IT at Beam Technologies .

Thanks to our episode sponsor, TrustMAPP

Does your board want to see yet more heat maps? No, they do not. They want to see that security investments align with business goals, and that their costs are objectively justified. TrustMAPP’s data visualization helps you communicate with your board in a way they can understand – and approve.

Got feedback? Join the conversation on LinkedIn.

In this episode

  • So, what is the sweet spot for retaining log files? 90 days? 1 year?
  • Should you categorize according to business criticality?
  • How do you separate the “junk” from the valuable data?

Defense in Depth

David Spark
David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.