SIEM Strategies for 2015

The Business Justification for Advanced SIEM: Introduction

Posted by Kenneth Mewes on Jul 26, 2015 2:02:00 PM


Successful cyber security environments are based upon several key strategic objectives, including:

1. Continuous improvement of the methods that determine what is being attacked and how to stop an attack, as quickly as possible.

2. Increased efficiencies to address the constant growth of IT environments, as well as the dramatic increase in the number of threats and attacks. The goals are to streamline security solutions while reducing operational costs and staffing requirements.

3. Audit reports that substantiate where and how security controls are implemented, generally for legal and corporate governance purposes, but also to provide assurances to security teams and executives. 

SECURITY TEAMS IN NON-SIEM ENVIRONMENTS: ISSUES AND CHALLENGES

Cyber security teams (a) assess logs and events to determine if cyber threats exist, (b) identify the sources and nature of cyber threats, and (c) attempt to rectify problems as soon as possible. Security teams monitor firewalls, IP addresses, network traffic, operating systems, databases, system configurations, applications, user activity, and so forth. Whenever possible, automated alerts are programmed into monitoring systems. This enables security teams to reduce potentially millions of events into manageable sets of anomalies that require further investigation. Security analysts tend to discover threats based on their ability to recognize irregularities in what they perceive as the norm.


Topics: C-Level Executive Concerns, SIEM Strategies, SIEM, Cost Justification for SIEM
