Vendor Landscape: Security Information & Event Management
Vendor Landscape: Security Information & Event Management
Vendor Landscape: Security Information & Event Management
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Be clear about the impact of SIEM-enhanced security visibility<br />
Be prepared for dealing with issues and events that you might have been<br />
unaware of without SIEM.<br />
1. Pre-SIEM: <strong>Information</strong> risks and associated security<br />
management costs increase over time as new threats<br />
appear.<br />
2. Immediately Post-SIEM: Increased visibility into extant<br />
threats results in increased cost of managing those<br />
threats – ignorance can no longer justify inaction.<br />
• Per event/incident costs will decline through earlier<br />
detection opportunities and investigation efficiencies<br />
provided by the SIEM tool.<br />
• Since those threats always existed, and are now being<br />
acted upon, overall risk begins to decline.<br />
• As SIEM-based efficiencies are realized, the cost of<br />
managing visible threats returns to baseline levels.<br />
3. Long-Term Post-SIEM: Both risk and security costs can<br />
be driven down further through feedback from SIEM into<br />
technical and procedural controls.<br />
SIEM’s Impact on Risk and Cost Over Time<br />
Info-Tech Research Group<br />
11