How Can SIEM Deflect and Deter Modern Cyber-Threats

How Can SIEM Deflect and Deter Modern Cyber-Threats

Posted April 27, 2021

How Can SIEM Deflect and Deter Modern Cyber-Threats

  • Some IT decision-makers chaff at the idea of SIEM can help them deflect modern cyber-threats; SIEM does possess a reputation as being difficult to work with and generating false positives.
  • Current research suggests SIEM becomes part of a wider cybersecurity platform unified by security orchestration, automation, and response (SOAR). SOAR decentralizes and re-centralizes cybersecurity tools like SIEM, firewalls, and identity management by unifying each’s findings under one pane of glass.
  • Visibility is the most essential cybersecurity principle. Without visibility, you’re literally operating in the dark. You can’t protect what you can’t see. 
  • SIEM can assist with increasing network visibility via its log management. However, using SIEM as a visibility tool raises new questions. Where should your SIEM prioritize? How can it handle a scaled environment? Can you maintain visibility over your network when it isn’t under your direct vision to begin with? 
  • A next-generation SIEM solution should enable your IT security team to revise and monitor configuration rules on the fly, easing the visibility issue.

– Ben Canner | April 27, 2021