
All You Need to Know about SIEM and Regulatory Compliance (HIPAA, GLBA, PCI, etc)



SIEM is a security and compliance management solution that enables organizations to accurately collect, monitor, analyze, and identify security threats and comply with regulations within a single integrated environment.
Because of persistent, intensive threats to business data and unauthorized access to business systems, new regulations have been mandated that affect the vast majority of organizations. These regulations require maintenance, backup, and analysis of logs, which has led to the creation of Security Information and Event Management (SIEM) software and solution sets.
The analysis of log data can be very challenging for organizations because of the number of logs created daily. SIEM tools were developed to automate this work. SDGblue offers both on-premise and hosted SIEM, powered by LogRhythm. For more information about our SIEM solutions, please contact us at 1-800-928-9656 or by email at

Published in: Technology, Business

  1. www.SDGblue.com. Created by: Patrick Quirk, May 2013
  2. Overview
       • Regulatory Requirements
       • Challenges of Log Analysis
       • SIEM Solutions
       • Hosted vs On Premise
       • More Info
       • Q & A
  3. Regulatory Requirements
       • Regulations are requiring log collection, management and analysis
       • HIPAA, GLBA, PCI, etc. have multiple logging requirements
       • White papers map requirements of specific regulations
       • Goals:
           • Identification of security threats through log analysis
           • Validation of controls
  4. Challenges of Log Analysis
       • Volume
           • Small orgs: hundreds of thousands of log events/day
           • Staffing to review manually: not practical!
       • Security expertise
           • Administration of technical solution
           • False positives vs. real security threats
  5. SIEM Basics
       • Security Information & Event Management (SIEM)
       • Automated solution
       • Collection of logs from all systems in the environment: servers, firewalls, applications, etc.
       • Centralized repository of log data
       • Scanning of centralized log data with logic for:
           • Individual events
           • Combinations of events across systems
       • Communicate security threats identified through:
           • Real-time alerts
           • Regularly scheduled reports
  6. Hosted vs On-Premise: On-Premise SIEM
       • High upfront cost
       • Potentially lower total cost of ownership
       • Requires staff with:
           • Security expertise
           • Time
       • Best fit: very large organizations
  7. Hosted vs On-Premise: Cloud-based or Hosted/Managed SIEM
       • Low cost of entry
       • Minimal impact on internal staff
       • Ongoing monthly fees
       • Varying/as-needed service levels from vendors:
           • 1st line analysis of alerts and/or reports
           • As-needed consulting for:
               • Recommended responses to identified threats
               • Forensic analysis
               • Compliance consulting
       • Best fit: small to medium organizations
  8. More Info
       • White Papers
       • Contact: 1-800-928-9656
  9. Q&A
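
The two kinds of scanning logic listed on the SIEM Basics slide (individual events, and combinations of events across systems) are shown below as an added Python example; it is not from the original deck or from LogRhythm. The event fields, event type names, window and threshold are assumptions, and the log events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, already normalized into one central repository.
# Tuple layout (time, system, type, source IP, user) is an assumption, not a vendor schema.
EVENTS = [
    ("2013-05-01T09:00:01", "fw01",  "login_failed",      "203.0.113.7",  "jsmith"),
    ("2013-05-01T09:00:09", "vpn01", "login_failed",      "203.0.113.7",  "jsmith"),
    ("2013-05-01T09:00:15", "fw01",  "login_failed",      "203.0.113.7",  "admin"),
    ("2013-05-01T09:00:40", "app01", "login_failed",      "198.51.100.4", "mlee"),
    ("2013-05-01T09:01:02", "srv02", "login_success",     "203.0.113.7",  "admin"),
    ("2013-05-01T09:01:30", "app01", "login_success",     "198.51.100.4", "mlee"),
    ("2013-05-01T09:02:10", "srv02", "audit_log_cleared", "203.0.113.7",  "admin"),
]

WINDOW = timedelta(minutes=5)   # correlation window (assumed value)
THRESHOLD = 3                   # failures before a success is suspicious (assumed value)
SINGLE_EVENT_RULES = {"audit_log_cleared": "Audit log cleared"}

def analyze(events):
    """Return alerts from single-event rules and one cross-system correlation rule."""
    alerts = []
    failures = defaultdict(deque)   # source IP -> recent (time, system) login failures
    for ts, system, etype, src, user in sorted(events):
        when = datetime.fromisoformat(ts)
        # Rule type 1: an individual event that is alert-worthy on its own.
        if etype in SINGLE_EVENT_RULES:
            alerts.append((ts, "single",
                           f"{SINGLE_EVENT_RULES[etype]} on {system} by {user}"))
        # Rule type 2: a combination of events across systems, keyed on source IP.
        recent = failures[src]
        while recent and when - recent[0][0] > WINDOW:
            recent.popleft()        # expire failures that fell outside the window
        if etype == "login_failed":
            recent.append((when, system))
        elif etype == "login_success" and len(recent) >= THRESHOLD:
            systems = ", ".join(sorted({s for _, s in recent}))
            alerts.append((ts, "correlated",
                           f"{len(recent)} failed logins from {src} on {systems} "
                           f"then success on {system} as {user}"))
            recent.clear()
    return alerts

if __name__ == "__main__":
    for alert in analyze(EVENTS):
        print(*alert, sep=" | ")
```

The single failed login followed by a success from 198.51.100.4 stays below the threshold and raises nothing, which is the kind of false-positive filtering the Challenges of Log Analysis slide refers to.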