With all the news about data breaches lately, it’s not
particularly surprising to wake up to headlines describing yet another
one. What is perhaps a bit surprising, however, is the common theme that
seems to exist in many of the breach stories. Time and time again, when
organizations get breached, they find out the hard way that they don’t have the
endpoint and network visibility they thought they did. The necessary data
to perform the forensics required to reach an analytical conclusion is simply
missing. Further, there is no way to remedy this situation after the fact – if the data
was not properly recorded when it traversed the network or endpoint, it cannot be recovered later.

What are some of the reasons that data is not
available come breach response time? Let’s take a look at a few of them.