SOURCE: Vigilant LLC

February 24, 2010 09:26 ET

SIEM Best Positions Organizations to Meet 2010 IT Security Challenges

Vigilant Shares How SIEM Helps Companies Meet Mounting Concerns With Unchanging Budgets

NEW YORK, NY--(Marketwire - February 24, 2010) - With economic recovery still on an unpredictable path, most companies face 2010 with the mandate to meet growing security challenges with little, if any, increase in budget. But while budgets will continue to be constrained, the variety and sophistication of security attacks continue to develop unabated, and regulatory requirements continue to gain stringency and enforcement muscle. In addition, security attacks leading to data breaches in 2009 resulted in an estimated average loss of $675 million, according to a recent study from the Ponemon Institute.

This environment causes most security leaders to focus on extracting greater effectiveness and efficiency out of tools in which they've already invested. Vigilant LLC, a provider of on-site and managed IT security services, says that companies that have already invested in Security Information and Event Management (SIEM) products are best poised to make substantial security improvements in 2010 -- if they concentrate efforts on maturing their use of the technology. This is because SIEM tools have the ability to centralize logs and security information across the entire environment, and automate complex correlation of security events in real time.

For many industries, such as financial services, SIEM technology is critical. The need to monitor not only what goes on within an internal network but also interactions with a wide range of third parties is crucial. The increased intelligence that a SIEM provides means companies can utilize fewer resources to meet business goals, manage risk and ultimately protect the company and its customers.

Unfortunately, Vigilant says, SIEM tools are often the security team's most underutilized investments. To ensure organizations make the best use of an existing SIEM investment, Vigilant suggests the following moves:

  • Tie security monitoring to business priorities. Not all assets are equal from an IT risk perspective. When resource limitations make it impossible to implement 100 percent of an ideal security architecture, it's critical to make monitoring IT components that support the most critical business processes a priority, as well as ensure that change controls are established to adjust monitoring when infrastructure elements change.
  • Build application and transaction awareness into the SIEM. With a granular understanding of how key applications "talk to" and utilize various components of the infrastructure, SIEM correlation can be tuned to detect departures from normal application processes, enabling fewer and more meaningful security alerts. 
  • Utilize the capacity of SIEM to correlate events with non-IT data. Information such as the geographic location of a user or updated awareness of former employees who are no longer permitted to access the network can be invaluable in identifying fraudulent activity, data theft and various forms of insider threat.

"For companies that already own a SIEM, their best investment will be to mature the SIEM deployment they've already got," said Bill Edwards, chief information security officer, Vigilant. "Without buying anything new, most users can substantially increase transparency into their environments to better detect security related issues, and improve the tracking and reporting of compliance-related controls and policies. This enables over-burdened security teams to more efficiently identify and address security related incidents within their organization."

While these improvements require a strong program manager and well-defined supporting processes, companies that focus on maturing their SIEM deployment this year will achieve the greatest improvement in overall IT risk posture. And companies with limited security IT resources don't have to go it alone either -- with vendor support and outside security experts, many companies can maximize existing systems with a finely-tuned plan. Vigilant's own growth in 2009, reflected in a more than 60 percent increase in its customer base and a 300 percent growth in its managed service for SIEM, reveals an increasing trend in managed security services and strategic planning that helped leading organizations in the financial services, retail and utilities industries better utilize SIEM systems and better align security with the bottom-line business goals.

About Vigilant
Vigilant LLC provides on-site and managed services that help IT security teams better defend and enable today's dynamic business by refining and extending the security information and event management infrastructure. The company's pragmatic approach solves today's urgent security problems, while enabling rapid progress toward longer-term security program objectives. Vigilant empowers customers to more efficiently respond to shifting threats, achieve regulatory compliance, prioritize protection of services that drive revenue and competitive advantage, and measure progress of the overall IT risk management program. Founded in 2003, Vigilant is headquartered in New York and serves a wide range of global and regional organizations whose mission requires them to secure highly sensitive and regulated services.

Contact Information

  • Media Contact
    Meghan Attreed
    Articulate Communications Inc.
    212.255.0080, ext. 13