Access your Pro+ Content below.
SIEM analytics: Process matters more than products
This article is part of the Information Security magazine issue of October 2013 Vol. 15 / No. 8
Security information and event management (SIEM) projects—still in the early stages for some organizations—have a long and somewhat tortuous history. After two decades, many of the remaining challenges concern SIEM-related processes and practices rather than the tools themselves. Organizations can procure next-generation SIEM products from numerous vendors, but buying the security monitoring capability is impossible. Research indicates 75% of chief information security officers who experience publicly disclosed security breaches and lack documented, tested response plans will be fired. Gartner Research SIEM tools collect, correlate and analyze a wide variety of security-related data. This information can include logs, alerts and flows as well as vulnerability, asset and user contexts. Security monitoring refers to the set of operational processes that are built around the tool. SIEM processes, which can apply to multiple security monitoring and data analysis technologies, depend on the usage of the product. Is it for security ...
Access this PRO+ Content for Free!
Features in this issue
In this special report, Gartner's Anton Chuvakin uses SIEM processes to show how security monitoring can make or break a SIEM implementation.
Expect Microsoft Word to write the next great American novel? Success or failure with SIEM products rests on your security monitoring capabilities.
SDN is a design with security as its foundation, and it has the potential to solve traditional networking's glaring security issues.
Columns in this issue
We've tallied the votes in our Readers' Choice Awards 2013. Find out the best security products of the year.
In his inaugural Security Economics column, Peter Lindstrom looks at technology risk management, and how to make the hard decisions pay off.
Iowa State University recruits industry professionals and hackers to provide students with "real-world" security education.