CyberSecurity Sense is LBMC Information Security's podcast that provides insight and updates on such information security topics as: IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certification Assessments, CMS Information Security, FedRAMP, FISMA Compliance, HIPAA Compliance, HITRUST CSF Certifications, NIST 800-171 Certifications, PCI Data Security Standards, SOC Reporting and SOX Compliance. 

Aug 1, 2017

SIEM, or security information & event management, is becoming a fairly common security control these days. It focuses on aggregation and analysis of log data. For this podcast we will assume you have a basic understanding of SIEM and how it’s commonly deployed. If you don’t have that base level of understanding, you might want to check out one of our other podcasts that focuses on SIEM fundamentals.

We’re going to focus on 3 key value points that any SIEM implementation should provide. The reason for breaking these down for you is that we see far too many organizations that aren’t realizing the full value of their SIEM.

1- Worst Case Scenario Protection

2- Audit & Reporting

3- Research & Troubleshooting

Whether you use a managed service provider for SIEM or run your own platform in-house, you need to make sure you are getting at least these 3 key value points from the solution. Being able to articulate this value to your operational and leadership teams will go a long way toward showing that you understand that cybersecurity technology investments need to have an ROI, just like any other major business investment.