SIEM: Solve for the Bigger Business Issues
After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered mature. Capabilities such as event collection, correlation, alerting, and demonstrating compliance with regulatory mandates are table stakes, and most SIEM solutions address these needs. But the landscape is changing. Organizations face new threats such as targeted and persistent attacks, new trends like mobile, cloud, and virtualization, and shifting business priorities around customer acquisition, operational efficiencies, and cost savings. As a result, SIEM use cases require more advanced capabilities to solve bigger business issues.
McAfee talked to customers and asked them to tell us about their primary issues with SIEM. Here are the top five issues as explained to us:
• Big Security Data
• Content and User Awareness
• Dynamic Context
• Solution Customization
• Business Value