Vendor Landscape: Security Information & Event Management
Executive Summary
Understand SIEM Trends and Considerations
• Security Information & Event Management (alternatively known as Security Incident & Event Management) technologies have evolved from point solutions into comprehensive systems that allow organizations to optimize any or all of the following important security-related functions:
◦ Collection and management of critical system and network log data.
◦ Execution of processes in support of regulatory and policy compliance obligations.
◦ Identification of information security threats and responses to them.
◦ Continuous information security risk management processes.
• Understand your organization’s needs, potential costs, and readiness to undertake a SIEM deployment before taking the leap.
Evaluate SIEM Vendors
• Vendor offerings target these security functions in substantially different ways based on their SIEM product origins, integration with their broader security offerings, architectural deployment options, and specific market focus.
• Map your organization’s immediate and future requirements for SIEM against vendor and product capabilities, and leverage the tools and templates included in this solution set to accelerate selection of a SIEM technology.
Develop a SIEM Implementation Strategy
• Understand options for managed versus self-staffed SIEM implementations and their pros and cons.
• Design a deployment architecture and capture additional implementation and operational costs and benefits, based on addressing your organization’s specific security and compliance requirements.
• Develop a plan for a phased implementation of the selected SIEM product and architecture, ensuring that you realize both short and long-term objectives and benefits.
Info-Tech Research Group<br />