Pivot Point Security Discusses Pitfalls of SIEM at CSO Event

Share Article

John Verry (CISA), Principal Enterprise Security Consultant with Pivot Point Security speaks on Security Information and Event Management challenges at Baltimore CSO Breakfast Club event.

John Verry spoke before an audience of experienced and senior Information Security professionals from a variety of markets at the CSO Breakfast Club's Baltimore chapter event on Network Access Control (NAC) and Security Information and Event Management (SIEM).

Verry, an expert on the topic of SIEM with over 7 years of SIEM experience under his belt addressed the crowd on the SIEM landscape, including the history of the solution, its early pains and its growing success stories. His "Keys to Success" formed the basis of the presentation and elicited extensive interchange with members considering and/or in the process of implementing SIEM technology.

Over the course of the hour long discussion, Verry explained that while in its earlier, more immature years, SIEM solutions received a bit of a 'black eye' for several reasons, SIEM solutions have changed quite a bit in recent years in part due to industry consolidation and product acquisition by larger, more established companies. He continued by stating this maturity has turned SIEM solutions into an answer to the challenge of demonstrating compliance with numerous regulations including; PCI-DSS, SOX, HIPAA, and ISO27001 for many organizations. He noted a good example of this recent maturity is indicative in the Novell Sentinel SIEM solution, acquired from e-Security in 2005. With Novell's enhanced development and support services the product has evolved significantly since the acquisition.

He stressed that the key elements to success in any SIEM project are clear definition and alignment (with systems architecture and databases) of requirements, commitment of the necessary resources and a tightly scoped and phased implementation approach. Within this portion of the presentation he stressed that knowledge of the events generated by an enterprises' security devices per second is one of the critical metrics when defining requirements. He continued to note that these event rates will ultimately define the other requirements of the project, especially the database architecture.

The event concluded with a recap of his key points along with the important advice to start such projects small and create positive momentum and political support within your organization to make a SIEM project successful.

A copy of Verry's presentation can be downloaded from: http://www.pvtpt.com/company/news.php

About Pivot Point Security:
Pivot Point Security is a boutique information security consulting firm architected to provide maximum levels of independent and objective assurance to its varied client base. Our specialization in Information Security Auditing, Penetration Testing, and Security Information and Event Management provides unsurpassed levels of value to an organization's technology and business strategies. It is our credo of 'reasonable and appropriate' Information Security that makes Pivot Point the leader in this highly specialized IT discipline in the NY/NJ/PA metropolitan area. In our 7 year history, we have brought this value to hundreds of clients.

Contact:
Robert Nolan, Director of Sales & Marketing
Pivot Point Security
888-748-6876 ext. 321
http://www.pivotpointsecurity.com

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

John Verry

Robert Nolan
Visit website