Manage episode 184754647 series 1526526
SIEM, or security information & event management, is becoming a fairly common security control these days. It focuses on aggregation and analysis of log data. For this podcast we will assume you have a basic understanding of SIEM and how it’s commonly deployed. If you don’t have that base-level of understanding, you might want to check out one of our other podcasts that focuses on SIEM fundamentals.
We’re going to focus on 3 key value points that any SIEM implementation should provide. The reason for breaking these down for you is that we see far too many organizations that aren’t realizing the full value of their SIEM.
1- Worst Case Scenario Protection
2- Audit & Reporting
3- Research & Troubleshooting
No matter if you are using a managed service provider for SIEM or running your own platform in-house, you need to make sure you are getting at least these 3 key value points from the solution. The ability to articulate this value to your operational and leadership teams is going to go a long way in showing that you understand that cybersecurity technology investments need to have a ROI –just like any other major business investment.