Good log practices can pay big dividends throughout the entire cybersecurity lifecycle. Log data can help identify suspicious activity that falls outside of expected norms. Logs form the core of an early warning system that can help organizations counter threats before they even gain a foothold. Without good log collection, retention and analysis capabilities, an organizations security program will rest on very unstable ground, according to a recent AT&T Cybersecurity Insights report. At risk, log data is often lacking, says Todd Waskelis: We consistently go in and find that the evidence [log] data we need just isn’t there or readily accessible”]
Source: https://www.csoonline.com/article/3143618/cybersecurity-101-the-criticality-of-event-logs.html