The SIEM is Dead…but What’s Next?

Do you recall the last time your Security Information and Event Management (SIEM) system provided you with something useful? When I say ‘useful’ I’m not talking about a simple log event from your antivirus server. I’m talking about an actual cyber-threat to your organization.

If it’s taken you more than 10 seconds to think of such an incident notification, it’s probably safe to assume you’ve received such a high volume of notifications that it’s hard to tell what’s real and what’s not.

Unfortunately, you’re not alone. There’s so much noise that it’s virtually impossible to follow up. There’s no way for a team of security professionals to analyze the terabytes of log data that a network can generate daily. So what’s the answer?

Machine Learning

A new, advanced type of artificial intelligence employs machine learning algorithms and big data analytics to build behavioral profiles of your network’s activity. These systems learn to spot anomalous behaviors over time based on new data that is added to the system.

Human Intelligence

Certified security experts investigate network abnormalities, block data exfiltration and deliver actionable intelligence to organizations’ security teams. They also provide detailed remediation guidance to help your security teams stop cyber criminals in their tracks.

Continuous Monitoring

Few corporate security teams have the resources to provide the 24/7 monitoring needed to detect and analyze threat information across their various systems. A third-party service provider can become a virtual part of your team and help detect and defend against threats before they emerge.

There are many new and advanced approaches to cybersecurity that aim to help organizations improve their situational analysis of emerging and constantly changing cyber threats. Intelligence-driven solutions help build contextual awareness and extract meaning from the vast amount of data generated by existing security systems. Given the growing incidence of cyber breaches, it may be time for your organization to investigate these highly effective security options.

Learn more about this advanced and integrated approach to enterprise security with Masergy’s Managed Security.

About Craig D'Abreo

VP, Security Operations, Masergy
Craig oversees the Managed Security, Threat Intelligence and Security Professional Services departments at Masergy. He is responsible for Masergy’s proactive enterprise cybersecurity threat management and operations program. Craig holds a bachelor’s degree in Computer Science and an MBA in Information Security. He is a Certified Information Systems Security Professional (CISSP) with over a decade of experience in the security industry and holds various network security certifications. He has written on various security blogs, spoken on a range of industry panels and is a recognized thought leader in the cybersecurity space.