Security decisions should be driven by three interconnected parts: context, risk and controls. Using capture logs are great to provide half the story, but without looking across all logs, what’s actually happening isn’t clear. Risk is looking into what data actually has value on its own, in relation to other data, or the business it supports; control policies are important, but not enough; Context is important, and risk is also important to look at the data itself, and what data has value.”]