Databases are one of the most common, popular, and widely deployed technologies in use today. Databases support a wide variety of business and technology purposes in almost every organization. You might ask yourself why I'm talking about databases, rather than a topic more closely related to security operations and incident response. I believe that taking a look at why we love databases can help explain why.
It seems to me that the reason we love databases so much is because they scratch our burning itch to turn data into information. It's as easy to get data out of the database as it is to put data into the database. Furthermore, we can get out precisely the data we are interested in, with little to no data we are not interested in. Through this process, we create information from data. Why is this? Let's examine the process someone might go through when interacting with a database:
When the next breach hits, will you be able to issue targeted and incisive queries over your network traffic data and receive timely and accurate answers? If not, then it pays to think about how you will answer the tough questions when they come.
It seems to me that the reason we love databases so much is because they scratch our burning itch to turn data into information. It's as easy to get data out of the database as it is to put data into the database. Furthermore, we can get out precisely the data we are interested in, with little to no data we are not interested in. Through this process, we create information from data. Why is this? Let's examine the process someone might go through when interacting with a database:
- Understand the business need (i.e., what is the desired outcome)
- Create human language question to ask of the data (i.e., what question, when asked, will achieve the desired outcome)
- Translate human language question into SQL (i.e., in what data repositories and via what query syntax will lead to the desired outcome)
- Receive timely and accurate answer (i.e., obtain the correct results in seconds and minutes, rather than hours and days)
When the next breach hits, will you be able to issue targeted and incisive queries over your network traffic data and receive timely and accurate answers? If not, then it pays to think about how you will answer the tough questions when they come.
No comments:
Post a Comment