What influences your day to day decision making?

Does your strategic vision drive your tactical focus or do your tactical decisions turn into your strategic vision?

Will you have the same answer when you look back in six months?

The mortar between your defenses

The other day I read a bit by Andreas M. Antonopoulos on Networkworld about how to be an effective security buyer. Of course when it came to finding the article again when I wanted to write this….I couldn’t find it. +1 to the Interwebs though because Mike Rothman over at Securosis mentioned it in Wednesday's Incite 4 U. Andreas’ advice seems to be when you are buying security tools to not buy something designed to fulfill a singular function. Instead go for multi-purpose tools that can cover down on multiple areas. I think the idea somewhat boils down to knocking out two birds with one stone + it sucks to have to look at one dashboard for each tool you have. Enterprise resource scaling aside though I tend to agree with Mike’s take. What really stood out to me was an analogy Andreas used:

SIEM/LM Analyst Training part 2

The conversation in a meeting the other morning led to a thought…well more of an analogy really. It struck me that in some respects a SIEM/LM analyst or content creator is similar to an auditor. What I mean is you have groups of people devoted to keeping lights blinking be that AV, endpoint management, FW, etc. And then you have groups of people outside of care and feeding group(s) that try to distill value out of either those systems’ configuration or logs to some ends leveraging some other toolset be that specific or multiple compliance requirements or SIEM/LM tools. Auditors and SIEM/LM analysts (at least the tools they use) are sort of a force multiplier in a very loose algebraic sense: