The availability of log data can make the difference between success or failure. Organizations must consider what format to store the data in, the taxonomy of how it is all grouped together, the ability of the security department to actually store and manage the data. The ability to manage and search log data will depend largely on how long the data is kept — and for what purpose. The more data you can hold onto and process, the more you can understand about your security operations, your security posture, what’s working and what’s not working.”]