Security experts rely more on detection and incident response, making security a collaborative exercise. SIEMs need to know what systems they have, what applications, who are the owners of those applications. Machine learning is another one of the many layers in the entire security infrastructure. The problem for many who are feeling so overwhelmed and understaffed is that looming question, Where do I begin? The MASSTLC Conference was a launching point for CISOs and CPOs to learn more about incident response plans.”]
Source: https://www.csoonline.com/article/3114805/detection-and-response-where-to-begin.html