Security Information and Event Management (SIEM) have done well to evolve beyond log retention, but is their time up?

Adversaries are becoming more advanced and tougher to stop. To make matters worse, a history of poorly designed data privacy regulations has encouraged habits that sometimes sacrifice security.

Existing security controls and Security Information and Event Management (SIEM) solutions need to up their game to counteract the adversary’s ability to exfiltrate all kinds of data. Are they able to take it to the next level? Many are stuck, still reactively counteracting known Tactics, Tools and Procedures of our adversaries. This isn’t enough as most can’t keep pace as adversaries improve their malicious attack methods.

Many organizations still prefer on-premises solutions despite the slow start-up process and limited capabilities to protect data. That’s not even mentioning the huge cost. Safeguarding personal data against breaches requires something better. SIEM evolved from a log retention platform to add improved alerts and dashboards to try and fill this gap in the market.

Where SIEM has failed, security analytics applications are proving successful. Most security analytics software involves a combination of threat intelligence and data science techniques to speed up detection and response. But even though security analytics can be invaluable to security teams, results vary wildly depending on the provider.

This Digiconnect virtual boardroom will bring together senior information security leaders from across the Middle East to discuss some of these challenges, share ideas and latest best practices and innovative solutions on how to effectively manage and respond to security information and events and amidst the changing landscape of today’s cyber threats.