An interesting question in the forums that is worth bringing out here for discussion. From Statman entry:
“How do others out there in their companies log security breaches? Do you? Where? How? It would be interesting to see how people are doing this?”
Further it would be interesting to hear from you all what sort of process, procedure etc you have around “logging”? What drives it, is it working, does anyone care?
[Edit Clarification: distinction between "event" and "breach" should have been clearer. Same question remains though for both.]