Enterprise Security Trends Blog | HP Blogs
Keep up with the latest cyber, consumerisation, collaboration and cloud enterprise security trends from the team of HP information security professionals.

Protect your Enterprise Information by using what it tells you.

 Your company’s information is in constant peril. I know ‘peril’ sounds like a strong choice of words, but when you think about all of the ways your information can be hacked - worms, mutating viruses, port scans, denial-of-service assaults, users? – the word peril just about sums it up.

 

And since all enterprise information is threatened by these constant dangers, you need to be able to demonstrate to your customers and regulators that your company has an effective security posture, the ability to respond rapidly to incidents, and the ability to meet stringent compliance reporting requirements.

 


Point solutions for specific threats may seem like a good idea at first but in the long run, they are not the best choice. With increasing pressure from Sarbanes-Oxley (SOX), UK Government Connect, HIPAA, PCI DSS, and other regulatory and commercial initiatives, both small and large companies are starting to adopt Security Information & Event Management systems, or SIEM for short, that combine the disparate information generated by point solutions and deliver a holistic view of their overall security strategy.

SIEM systems don't in any way replace those point solutions, but they make sense of their output in a centralised manner.

 

SIEM systems collect and correlate millions of different events and transform that data into comprehensible dashboard displays, comprehensive management reports and actionable alerts.

 

SIEM systems can:

  • Detect fraud
  • Expose internal and external threats
  • Spotlight weaknesses in security enforcement
  • Highlight configuration issues

 

Even more important in light of today’s regulatory demands, a SIEM system can demonstrate your organization’s compliance with governmental regulations and policies. If your enterprise does not have a SIEM solution in place, you are increasing the risk of seeing your organization’s name on the front page of the tabloids for security blunders. The word ‘peril’ is sounding more and more appropriate, right?

 

HP offers Security Information & Event Management services that leverage HP networking, infrastructure, and SIEM expertise to create a unified SIEM solution. With this offering, there is no need to design and administer a complex security management system on your own. HP has done the work for you, so you can choose the options that best suit your security and compliance requirements, while experienced HP security personnel implement and manage your SIEM service.

 

Have you adopted a SIEM solution yet? If so, what were your reasons for choosing SIEM? Is it helping you to overcome the information security ‘perils’ that are lurking in the shadows … or out in broad daylight, which seems to be the case more and more these days?

 

You can learn more about HP’s SIEM services in this Fact Sheet. Or visit these resources to read more about HP’s Enterprise Security Solutions:

 

Comments
Calum Auld(anon) on ‎07-12-2012 02:24 PM - last edited on ‎07-12-2012 04:43 PM RichFerrier

Interesting article Rich. It amazes me still that people don't realise the importance of correlation in this day and age. All APTs that we see would (and can) be caught early if more people implemented a SIEM solution like ArcSight. The ability to correlate and search millions of logs from disparate systems in seconds is vital in being able to track a malicious piece of code or a disgruntled user.

 

Many companies today still believe that because they have SYSAdmins receiving alerts from all their systems that they are covered. This is not the case and without the assistance of ArcSight, many companies will be missing the vital information they need in order to protect themselves from fraud and threat exploitation.

Nadhan | ‎07-13-2012 05:04 PM

Great points, Rich.  In my post on Informationalization introduced by Thomas C Redman on the Harvard Business Review blog, I refer to his assertion that this must be done securely.  Your post reinforces this idea very well and double-clicks on how this can be done.  @NadhanAtHP

TSchreider | ‎09-21-2012 01:58 PM

Rich I was glad to see that you called out fraud detection as a fundamental aspect of SIEM.  The advent of Big Data is providing more data to analyze that may present instances of fraud that were never previously available. The ArcSight CORE engine is uniquely suited to culling and reporting on patterns of fraud.

SIEM Guy(anon) | ‎01-22-2013 11:32 PM

Nice read Rich,

 

I came across this article while researching SIEM solutions, found it via a SIEM site that must have been written by one of you guys as it draws similar conclusions as you.

 

Cheers.

Bob

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.