Three Keys to Making Security Information and Event Management Work for the Bottom Line
Vigilant Outlines How Companies Can Balance Cost and Risk Factors to Optimize Security Initiatives
NEW YORK – March 31, 2009 – In today’s recessionary economy, keeping costs and security risk factors in check is increasingly important, especially as budgets shrink and security threats continue to increase.
Security information and event management (SIEM) products have the potential to significantly increase security team efficiency in protecting corporate IT assets, yet Vigilant, which helps IT security teams better defend and enable dynamic business, finds that few SIEM product owners are actually satisfied with the value of their investment, and most use only a fraction of the products’ capabilities.
Corporate IT decision-makers often purchase SIEM, or enterprise security information management (ESIM), solutions with the expectation of being able to automatically highlight key security concerns and make tasks like compliance reporting easier. Companies want to bring together information from various key devices – such as firewalls, intrusion detection systems, authentication directories and critical application servers – to streamline the process of sifting through vast amounts of event data to identify security breaches in real time. While doing so would enable security teams to more quickly pinpoint and remediate serious security issues, it isn’t always that easy. When viewed as a one-time deployment effort, SIEM projects accomplish little more than just the centralization of log data – which, while effective in improving staff efficiency, leaves the real value of these solutions untapped, according to Joe Magee, co-founder and chief technology officer (CTO) for Vigilant.
“We talk to companies on a daily basis that have invested thousands, sometimes millions, of dollars into the promise of these tools, but are so frustrated that they’re ready to pull the plug,” said Magee. “We’ve been able to talk them off the ledge. They’ve got a pot of gold that can deliver powerful results, but they need guidance on how to get there.”
The efficiencies SIEM delivers, and their positive impact on the bottom line through benefits like improved staff efficiency, develop as the product configuration is adjusted to the specific environment, in both its technical and business aspects. Security management experts from Vigilant have outlined three key steps companies can take to maximize security budgets with SIEM and yield greater business benefits and improved security management.
- Align Security to Business Needs: Plan around core business priorities and risks. These will likely include improving event correlation and incident remediation to optimize security operations. SIEM teams should look beyond security needs to incorporate the broader needs of the business, including regulatory and compliance requirements. Quick, valuable results come from focusing on protection of critical services and lines of business that generate revenue, or areas which, if unattended, may lead to compliance-related fines, driving costs up – not down.
- Deploy in Stages: Establish a plan to deploy SIEM as a series of consecutive projects, each addressing a specific set of security management objectives. Roll out each phase thoroughly – from source log through to management metrics – and allow time for tuning and enhancements. This ensures that key SIEM stakeholders are getting what they need and expect from the solution. As an example, log management in a vacuum, apart from business context, is not the goal and doesn’t provide necessary value overall.
- Measure and Report: For each project, create and deliver reports that specifically demonstrate the results – and not just to peers or direct managers in the IT organization. The ability to show improvements and return on investment (ROI) to corporate management will demonstrate the increasing ability of the security team to advance the larger business interests, helping to maximize investments and ensure business buy-in.
“The need to balance the three legs of the value equation – people, process and technology – is widely known, but not widely practiced,” says Nick Selby, research director for security at The 451 Group. “ESIM products, more than most tools, really require attention to the process portion – and a key part of the process is business alignment. When you put ESIM in the service of the business, you can reap enormous benefits.”
Vigilant provides on-site and managed services that help customers accelerate ROI from their SIEM and log management tools, using granular, best-practice methods derived from its expertise and focus on security management technologies.
About Vigilant
Vigilant provides on-site and managed services that help IT security teams better defend and enable today’s dynamic business by refining and extending the security information and event management infrastructure. The company’s pragmatic approach solves today’s urgent security problems, while enabling rapid progress toward longer-term security program objectives. Vigilant empowers customers to more efficiently respond to shifting threats, achieve regulatory compliance, prioritize protection of services that drive revenue and competitive advantage, and measure progress of the overall IT risk management program. Founded in 2003, Vigilant is headquartered in New York and serves a wide range of global and regional organizations whose mission requires them to secure highly sensitive and regulated services.