There are two fundamental perspectives that drive how an individual or an organization approaches security: theorist and pragmatist. Security has the unfortunate reputation of being the program of no in many organizations. In theory, a move to the cloud will introduce additional risk to the business that the security team may not be able to mitigate. Anomaly detection is extremely important, but only if it is approached pragmatically with an understanding of its relevance to its operations. In a nutshell, collecting every source of data can get our hands on security, irrespective of its relevability to operations, reduces security posture.”]
Source: https://www.darkreading.com/analytics/theory-vs-practice-getting-the-most-out-of-infosec