The current silo-style organization of threat researchers reviewing logs in one place, threat hunters in another, and the data scientists in yet another silo working on algorithms, just doesn’t cut it anymore with today’s security threats.
Security teams need to get smarter with how they use and manage all types of data. That’s because the lines between pure infosec data (Web logs, threat intelligence) versus other business data have become increasingly blurred. A piece of Web log data, for example, could be just as easily used to identify attackers as it could to optimize the customer experience. The same holds true for business data as well.