Chapter 12

Moving Toward Data-Driven Security

“My job was to find questions about baseball that have objective answers; that's all that I do; that's all that I've done.”

—Bill James, sabermetrician

If you've been following along up to this point, you have covered a lot of ground, and you've hopefully realized that there is knowledge buried in the data. As you begin to move your security practice into a data-driven mindset, we suggest that you take a “panning for gold” approach instead of a “drilling for oil” stance—meaning that you shouldn't get bogged down with a single focus (or a single source of data) out of the gate. Instead, roll your pants up, step into the stream of data, and just explore and learn what you can about it. Once you understand what's in the data, you can start to ask (and answer) the interesting questions that will begin to make a difference.

This last chapter is dedicated to that difference. The first half is about moving yourself (or those you work with) toward a data-driven approach at a personal level. The second half is about moving your organization toward a data-driven security program.

Moving Yourself toward Data-Driven Security

Figure 12-1 is a slight modification of Drew Conway's “Data Science Venn Diagram” (http://drewconway.com/zia/2013/3/26/the-data-science-venn-diagram), which is a simple visualization that can help you quickly evaluate where you currently are on your journey toward data-driven security. This chapter looks at each major component, ...