Access "Get actionable results from a security information management system"
This article is part of the June 2011 issue of BYOD means creating a new security game plan in the enterprise
Security information management, or SIM, is the discipline and technology used to collect security information from log files and other sources in order to detect and react to security events. SIM is a lot broader still. Today’s servers, network devices and applications generate enormous amounts of logs and an infinite variety of information. That mountain of data can be analyzed, correlated and filtered to arrive at a myriad of conclusions related to security, compliance and application performance to name just a few. With so many possible uses, a SIM solution must be focused or it will succumb to information overload, performance problems and become unusable. SET LIMITED GOALS FOR SIM The function of SIM is to find indications of specific security events in a large set of security events. In plain terms, SIM is about finding a needle in a … needle stack. It is a difficult task to begin with, yet many companies make it even more difficult by trying to do too much with SIM, effectively making the “needle stack” bigger and bigger. The first and most important... Access >>>
Premium Content for Free.
Get actionable results from a security information management system
by Andreas M. Antonopoulos
In order to get the best results, you need to limit your goals for SIM.
Revamped FISMA requirements aim to improve federal security
by Crystal Bedell
An automated tool and mandates for continuous monitoring try to improve federal information security efforts.
- Get actionable results from a security information management system by Andreas M. Antonopoulos
IT consumerization drives new security thinking
by Marcia Savage, Editor
The influx of personal smartphones and other computing devices into the enterprise is forcing a shift in security strategy.
Data breaches show enterprise need for better data security management
by Robert Westervelt, News Director
Sony and other data breaches suggest need for data accountability, better configuration management.
- IT consumerization drives new security thinking by Marcia Savage, Editor
Lack of SMB security opens door to online criminals
by Michael S. Mimoso, Editorial Director
Online criminals have smaller targets firmly in their crosshairs.
Mobility trend takes off in the enterprise but leaves out security
by Chenxi Wang
Banks and other businesses are rushing to jump on the mobility trend but leaving security behind.
Marcus Ranum and Bob Blakley discuss risk management failures
by Marcus J. Ranum, Contributor
Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider.
- Lack of SMB security opens door to online criminals by Michael S. Mimoso, Editorial Director
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...