Logging Expertise
Expertise in setting up robust logging infrastructure is a big skills gap in the security profession, according to Chris Stouff, head of threat resistance with Armor, a managed cloud security provider. "Logging of security events and ensuring the proper data enrichment is added underpins everything that happens in security operations to detect, correlate and respond to threat activity," Stouff said. "Unfortunately, there are very few professionals in the market who really understand how to manage logs correctly and at scale. But even fewer have the skills or systems in place to properly audit and review the data that is present in their logs. Getting this right makes the difference between security as a check in the box and actually putting forth an effort to stem the tide of attacks."