Why SIEM is Irreplaceable in a Secure IT Environment?

2019 Open Conference of Electrical, Electronic and Information Sciences (eStream 2019): Proceedings 2019
Oskars Podziņš, Andrejs Romānovs

The aim of the publication is to brief on the importance of a SIEM (Security Information and Event Management) solution. Its benefits but also taking time to reflect on this system drawbacks. All of which is intended for those who are looking into cybersecurity solution that will learn from entire IT infrastructure and be able to identify anomalies, like cyberattacks. Depending on the region and market, enterprise priorities tends to be different, but all mainly take into consideration TCO (Total Cost of Ownership), which in SIEM case is a key metric. If company/organization is serious about deploying a SIEM, then another key security technology they should think about is SOC. If deployed correctly than SOC (Security Operations Centre) is a full framework of technologies, people and processes to act like a well-oiled machine that identifies, protects, detects, responds and recovers from all security related incidents.

Atslēgas vārdi
cyber security, network security, security management, computer security, SIEM, Log analysis, SOC, incidents management
DOI
10.1109/eStream.2019.8732173
Hipersaite
https://ieeexplore.ieee.org/document/8732173

Podziņš, O., Romānovs, A. Why SIEM is Irreplaceable in a Secure IT Environment? No: 2019 Open Conference of Electrical, Electronic and Information Sciences (eStream 2019): Proceedings, Lietuva, Vilnius, 25.-25. aprīlis, 2019. Piscataway: IEEE, 2019, 100.-104.lpp. ISBN 978-1-7281-2500-8. e-ISBN 978-1-7281-2499-5. Pieejams: doi:10.1109/eStream.2019.8732173

Publikācijas valoda
English (en)