The Benefits of SIEM    
Effective security monitoring and compliance require a SIEM approach that can centrally collect and process data from all manner of potential endpoint devices, systems and critical business applications. What follows is a high-level summary of some of the benefits afforded and the issues addressed by SIEM.

  • Addressing Business Risk. Management decided that the consequences of a digital risk are less costly to accept than the efforts to mitigate those risks. Security is a part of the management and financial controls of the company.

  • Lowering Business Impact. Lost business and revenue opportunities: can your company afford to have its order-taking system down for more than a few hours? How much business would you lose if customers couldn't contact you? What about the impact on customer satisfaction ratings? Would you lose part of your customer base - and ultimately the viability of the firm? Would you lose out on potential business opportunities - for example, some firms will not deal with you if you haven't dealt with these risks.

  • Providing Pain Relief. Highly paid security teams running around chasing down false positives, when they should be focussing on delivering benefits to the organisation.

  • Enabling Manpower Cost Reduction. If there are fewer false positives to chase down, there is less need to have highly paid staff engaged in this function, leaving some staff to be potentially deployed on other activities.

  • Lowering Remediation Costs. Reduction in the costs associated with the impact of an enterprise-wide attack - if you can track and limit the spread, the remedial costs drop significantly. Having better information available about security status and situational awareness allows faster and more informed business-driven decisions to be taken.

  • Assisting Compliance and Governance directives. Corporate governance decrees that relevant controls and responses are embedded into the business. It is increasingly difficult for compliance and regulatory arrangements to withstand validation by external audit or internal senior management.

  • Reducing 'Data Overload'. Security end-point devices produce so much event traffic that the logging facility has been turned off. Multiple, disparate log formats exist. Security blindness has set in. Storage of data is also an issue for many organisations. SIEM can help solve this problem with intelligent on-line, near-line and off-line storage capabilities from a central point. This is key for forensic investigations and analysis and ultimately supports auditing and compliance requirements.

  • Addressing the lack of management visibility. Reporting on staff productivity and network asset performance. Workflow management does not exist and staff resourcing and associated costs are difficult to track and forecast.

 

© Zepko 2008