According to market researcher Gartner, the Security Information and Event Management (SIEM) market grew some 23 percent during 2012, reaching a total of approximately $1.36 billion worldwide. Given the need for continuous, real-time monitoring of security and activity that comes with the adoption of cloud services, and the growth in the use of those cloud services, this growth is likely to be at the very least maintained over the next few years.
There is, however, one factor that could hinder such growth, and it is the bugbear of many potential users: the complexity and resources needed to deploy SIEM have been a deterrent for many of them.
That is why IT services company CSC has come up with a service provision implementation of SIEM, a managed service available through the company’s global network of security operation centres.
The service will allow businesses to both detect and prevent sophisticated cyber-security threats. In addition, it will help facilitate forensic investigations and meet the growing compliance and regulatory demands which require businesses to maintain extensive records of security events. These needs are driving increased demand for enterprise logging and SIEM technology.
CSC provides customers with the infrastructure, processes and personnel needed to proactively monitor, report and escalate security events around the clock, while the service itself uses HP ArcSight technology to provide comprehensive collection, aggregation, storage and correlation of logs across multiple networked devices, systems and applications.
The ArcSight Security Intelligence platform is designed to help safeguard business data and activity by providing complete visibility into activity across the IT infrastructure. This includes external threats such as malware and hackers, internal threats such as data breaches and fraud, risks from application flaws and configuration changes, and compliance pressures from failed audits.
It enables users to collect, analyse, and assess IT security, enterprise security and non-security events for rapid identification, prioritisation and response. Among its specific capabilities is the provision of a unified view of security on big data through collection, storage, and analysis for IT security, compliance, ops, and analytics.
The system can also collect, store, and analyse big data from any device, any source, and in any format from 350+ connectors, correlate billions of events daily to find threats and vulnerabilities, and automate threat profiling, detection, and response in real-time.
“While organisations recognise the essential value of SIEM functionality, the complexity and resources needed to deploy it has been a deterrent for many,” said Samuel Visner, vice president and general manager, CSC Global Cybersecurity. “CSC’s solution allows companies to manage their security through our global team of certified security analysts and adopt the technology in stages, from enterprise logging to the most advanced SIEM capabilities.”