Linked – Why Data Reduction is Key for Meaningful Visualizations

Image by Elif Ayiter/Alpha Auer/..../
Image by Elif Ayiter/Alpha Auer/…./

In my experience, and in the experience of many others as well, unfocused attempts at visualization over raw, unreduced data produce visualizations that are not particularly useful for security operations.  Visualization does have tremendous potential to bring value to security operations when leveraged properly.  Performing data reduction by posing specific, targeted, incisive queries into the data provides a good starting point for producing visualizations of high value to security operations.  Get the picture?

The same is true for eDiscovery data. I’ve seen many a user go straight to a visualization of email connections, for example, over their entire dataset, and then dismiss the use of visualizations because there’s nothing useful in it. Which, of course, there isn’t. You need to define what kinds of connections you’re looking for (Over a date range, to/from one particular custodian of interest, etc.) before you start looking at the pictures that are going to show them to you.


Similar Posts

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.