Why SIEM is a Hot Topic in Security Today

Most American companies have built strong fortresses along their online perimeters to protect their systems and data from cyber attacks.

But how do you protect your data and systems when the thieves are already inside your network? That’s a question that left many scrambling when giant Google revealed in 2010 it was the victim of a “highly sophisticated and targeted attack" that resulted in the theft of intellectual property from its systems.

Fears were amplified in 2011 when cyber thieves used remote access methods to hit Sony, Massachusetts General Hospital, Citibank and the U.S. Chamber of Commerce, all of which suffered large losses. Sony, for instance, reportedly could suffer losses of between $1 billion and $2 billion, according to analysts quoted in Wall Street Journal story.

Verizon’s annual 2012 Data Breach Investigations Report, revealed that 174 million corporate records were compromised worldwide in 2011, up from just 4 million a year earlier.

Corporate Data Theft, BYOD Security Concerns

The huge increase in corporate data thefts and the rapid proliferation of workers bringing their own devices to work have made Security information and Event Management, or SIEM, a very hot topic in security.

Traditionally, retailers and other enterprises used SIEM to secure payment systems and to comply with Payment Card Industry Data Security Standards, also known as PCI DSS. Now, however, companies of all sizes are concerned about advanced persistent threats of the like that hit Google, and see logging scrutiny and security management as keys to thwarting these types of attacks. As a result, several industry research firms have included SIEM is one of the top security trends for 2013.

Pronounced “sim” with a silent e, SIEM is used to spot trends and see patterns in logging information and security alerts from a company’s disparate data systems. The technology, which combines security information management (SIM) with security event management (SEM), checks and monitors data flow as it happens and spots irregular patterns and anomalies in real time and over longer time periods.

SIEM: Better Profiling, Analytics, Breach Detection

Analysts report many organizations are failing at targeted attack and early breach detection. Companies need better threat intelligence, behavior profiling and better analytics, which SIEM provides, analysts said in Gartner’s Magic Quadrant for Security Information and Event Management 2012 report.

Security companies such as McAfee offer SIEM protect with solutions such as the McAfee Enterprise Security Manager, which “consolidates, correlates, assesses, and prioritizes security events.” Products such as this beef up your security by offering periodic incident response and active monitoring.

As companies adopt BYOD, move to the cloud, and engage in social media, it is getting harder to track who has access to sensitive corporate data. As enterprises like Sony and Google have found, companies need to bolster their security systems with SIEM technology so they can better pinpoint and track who has access to their corporate information. Companies that don’t know who is coming into “the store” risk damage to their brand names, declining customer confidence and regulatory compliance fines.