198 Security De-engineering
approval, the change will be given a cursory glance over and accepted
by security.
Quite common also is the conguration misdemeanor whereby an
organization congures a network log server that aggregates log mes-
sages from various sources, but then disables local logging on those
sources because it is seen as redundant. Unfortunately though, secu-
rity incidents and connectivity outages often come as a pair. Usually
there is a viable business case for local logging.
Incidents can easily escape the net of logging, monitoring, detec-
tion, security information event management (SIEM) systems, and so
on, but in keeping with the theme of this book, there is also of course
the matter of IT skills or lack of. It is usual ...