SANS Log Management Summit hosted by Alan Paller was a great event. Alan named three ways to help fight back against cybercriminals. Alan’s “yellow card” system for questions worked very well. Alan said measuring report writing (e.g., FISMA) is a waste of time. Alan mentioned using privilege user monitoring as a means to counter insiders, although he also said “The insider threat is baloney” Alan concluded his talk by sounding optimistic about SCADA procurement standards.”]
Source: https://taosecurity.blogspot.com/2006/07/sans-log-management-summit.html