the State of Security

RSA 2010: If you don’t look at your log data, how are you going to catch data breaches?

by on March 3, 2010 David Spark

David Spark here reporting for Tripwire at the 2010 RSA Conference in San Francisco.

I spoke with Bob Russo, General Manager of the PCI Security Standards Council, about the common practice of companies turning on their server logs, just because they need to for compliance, and then never actually looking at it. It’s kind of pointless at that point. It’s like turning on a security camera but never hiring someone to look at the feed or look at the tapes.

Make sure you also read my summary of Russo’s presentation, “PCI 2.0? What’s Next for the PCI Security Standards and Council?”

Check out more of Tripwire’s coverage from the 2010 RSA Conference in San Francisco.

Tagged as: event management, IT Security, IT Security and Data Protection, log management, PCI, Regulatory Compliance, RSA, RSA 2010

This post was written by…
David Spark

has contributed 113 posts to The State of Security.

Twitter @dspark

Contact David Spark

David Spark is a veteran tech journalist and founder of Spark Media Solutions, a media consulting and production company. Acting as the "media" of "social media," Spark Media Solutions helps its clients be seen as leading voices in their field through brand-quality media production and distribution through top tier media channels.