The problem with many SIEM deployments is that they're purchased, acquired and absorbed, but not operationalized, said Anton Chuvakin of Security Warrior Consulting. SIEM, or Security Information and Event Management, is the use of technology to collect data from different systems and study what it means. Chuvakin explained that compliance regimes such as PCI require users not only to deploy a solution, but to actually touch and look at the data at least daily.

Chuvakin also offered some advice on the most effective way to deploy SIEM within an organization: take a phased approach that gets "quick wins" early and keeps the deployment effective at each phase.


David Spark

David Spark has contributed 156 posts to The State of Security.
