to help you do it on your own, it can be valuable to bring in a third-party tool from a
vendor such as Splunk or Sumo Logic to help manage the aggregation of these logging and
monitoring sources.
Once logs are aggregated, teams need to establish what “normal” looks like across the
Hybrid IT landscape, and continuously get better at determining which signals require a
response or remediation. Again, this is where training and adopting automation can
reap huge benefits over time for security professionals.
Encryption
How is your data classified and secured? While encryption is essential, it is often
inconsistently deployed, and thus its effectiveness is diluted. Validating which data falls into
which category, and ensuring that it is appropriately encrypted, is a perennial challenge
in on-premises environments, especially when those data environments have grown
organically for eons. The good news is, cloud service providers, such as AWS, Azure and
16 | THE DOPPLER |
FALL 2019