Additional notes on Strategies:
1. Adopt a Spoke and Hub Service Model
- centralized SIEM service (SIEM Hub): subscribe to SSC or do it all in-house
- Spokes are data sources feeding to the Hub
- SIEM is the central piece linking all SOC tools
2. Data Masking (DM) Strategy
Mask sensitive data in logs by:
- Use custom code to auto-check the presence of sensitive data every time a message gets logged
- Leverage vendor capabilities for masking sensitive data
- Leverage data filters in log agent configurations that anonymize sensitive data before the log data is transmitted to the log server
- Explore investing in an Enterprise DM tool.
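The first approach above (custom code that checks every message for sensitive data before it is logged) is sketched below as an added example; it is not part of these notes and not any vendor's product. It assumes a Python application using the standard `logging` module, and the detection rules (bearer tokens, payment card numbers, e-mail addresses, IPv4 addresses) are illustrative patterns chosen here, not an approved data classification list; each deployment would replace them with its own.

```python
import logging
import re
from typing import Callable


# --- masking functions: each keeps just enough context to stay useful for triage ---

def _mask_token(m: re.Match) -> str:
    # Keep the "Bearer " prefix so the line still shows an auth header was present.
    return m.group(1) + "[REDACTED]"


def _mask_card(m: re.Match) -> str:
    # Keep the last four digits, as receipts do; everything else becomes '*'.
    digits = re.sub(r"\D", "", m.group(0))
    return "*" * (len(digits) - 4) + digits[-4:]


def _mask_email(m: re.Match) -> str:
    # Keep the first character and the domain; the rest of the local part is hidden.
    local, domain = m.group(0).split("@", 1)
    return local[0] + "***@" + domain


def _mask_ipv4(m: re.Match) -> str:
    # Keep the network part, hide the host octet.
    return m.group(0).rsplit(".", 1)[0] + ".xxx"


# Constructed rule set (assumption for illustration). Order matters: tokens are
# handled first so that no later rule sees a secret it could partially expose.
RULES: list[tuple[re.Pattern, Callable[[re.Match], str]]] = [
    (re.compile(r"(?i)(bearer\s+)[A-Za-z0-9._~+/=-]+"), _mask_token),
    # 13-16 digits, optionally separated by single spaces or hyphens, ending on a digit.
    (re.compile(r"\b\d(?:[ -]?\d){12,15}\b"), _mask_card),
    (re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"), _mask_email),
    (re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"), _mask_ipv4),
]


def mask_sensitive(text: str) -> str:
    """Apply every rule in order and return the masked text."""
    for pattern, masker in RULES:
        text = pattern.sub(masker, text)
    return text


class MaskingFilter(logging.Filter):
    """Runs on every record before any handler emits it.

    The filter renders %-style args into the message first, so values passed
    as arguments (not only literal text) are masked, then clears args so the
    handler does not re-render the original values.
    """

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = mask_sensitive(record.getMessage())
        record.args = ()
        return True  # never drop the record, only rewrite it


def mask_record(msg: str, *args) -> str:
    """Helper: build a LogRecord the way logging would and return its masked message."""
    record = logging.LogRecord("app", logging.INFO, "app.py", 1, msg, args, None)
    MaskingFilter().filter(record)
    return record.getMessage()


if __name__ == "__main__":
    log = logging.getLogger("app")
    handler = logging.StreamHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    log.addHandler(handler)
    log.addFilter(MaskingFilter())  # attach at the logger so every handler benefits
    log.setLevel(logging.INFO)
    # Constructed sample events; none of these values are real.
    log.info("User jane.doe@example.com paid with 4111 1111 1111 1111 from 192.168.1.44")
    log.info("Upstream call failed, header was Authorization: Bearer eyJhbGciOi.abc-def")
    log.info("login %s from %s", "jane.doe@example.com", "10.0.0.7")
```

Attaching the filter to the logger rather than to one handler means a later-added file or syslog handler cannot bypass it. The rules run on the rendered message, so structured fields passed as `%s` arguments are covered; data that reaches the log through other paths (exception text, extra dict fields) needs the same treatment.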
3. Standardize what to log per data source
- Leverage GC Event Log Strategy
4. Unify and consolidate logs for monitoring
5. Leverage advanced technologies in AI, ML and automation