What Mega Breaches Can Teach about Best PracticesNick Carstensen of Graylog Outlines Lessons Learned from Recent Headline-makers
While the Capital One breach may have been jawdropping in its sheer scale, there are best practice lessons to be learned in its remediation response, says Nick Carstensen, technical product evangelist at Graylog.
"Some of these large customers, like Capital One, obviously had a huge security budget, they had the ability to buy the best tools on the market, the best products, the best people, and they still got breached," says Carstensen. "We have to understand that we eventually will get breached at one point, so how can I be the most successful when that does happen? How can I paint the right picture, like Capital One did, in reducing my footprint and saying only these (assets) got attacked."
In this recent interview, Carstensen discusses:
- What was overlooked in the Capital One data breach, and why it could have been much worse;
- How to monitor for security events in a cloud solution;
- What steps should be taken to mitigate data breach risk.