There’s No Such Thing As “Hands-Off Cybersecurity”


At the enterprise level, there is no such thing as “hands-off cybersecurity.” Technically, such a term may not even apply to personal cybersecurity, but that’s a question for another day. 


Ultimately, hands-off cybersecurity represents a dream for IT decision-makers for businesses of all sizes. After all, if you can just set and forget your cybersecurity, you can focus your attention on other critical IT processes or personal threat hunting. 

However, it doesn’t exist. It doesn’t exist for SIEM, or endpoint security, or identity management. In fact, SIEM embodies the new attitude necessary for optimal cybersecurity performance more than any other InfoSec tool; that attitude involves constant maintenance and vigilance.

SIEM operates through log management; it collects data from various network locations, then consolidates and aggregates it into a single network location. So far so good. Then it normalizes that data and scans it for security events before sending an alert.

But that description leads to numerous questions. Where does SIEM collect the necessary data from (as in, which network locations do you prioritize)? Trying to aggregate from too many IT environment components at once can quickly burn out your IT security team. How should the program normalize the information it does collect? What constitutes a security event? 

That last question should definitely give you pause; failing to answer it adequately can lead to a significant number of false positives, which in turn lead to burnout or lost opportunities for threat hunting. You need to constantly reconfigure your SIEM parameters to match your current IT environment, business goals, and workforce demands.
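The collect, normalize, and detect steps described above, as an added example that is not from the original article or any SIEM product. The log formats, addresses, and function names are constructed for illustration; the point is that the same normalized data yields different alerts depending on how "security event" is parameterized.

```python
import json, re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs (simplified formats, hypothetical hosts and addresses).
SSHD_LINES = [f"2024-05-01T09:0{i}:00 host1 sshd[811]: Failed password for "
              f"invalid user u{i} from 203.0.113.9 port 4000 ssh2" for i in range(6)]
SSHD_LINES.append("2024-05-01T09:00:05 host1 sshd[812]: Failed password "
                  "for alice from 10.0.0.5 port 5022 ssh2")
APP_LINES = ['{"ts": "2024-05-01T09:00:20", "event": "login_failed", "user": "alice", "ip": "10.0.0.5"}',
             '{"ts": "2024-05-01T09:00:30", "event": "login_failed", "user": "alice", "ip": "10.0.0.5"}',
             '{"ts": "2024-05-01T09:00:45", "event": "login_ok", "user": "alice", "ip": "10.0.0.5"}',
             "truncated-record"]  # malformed input is dropped, not fatal
SSHD_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<res>Failed|Accepted) password "
                     r"for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

def event(ts, source, user, ip, failed):
    # Common schema that every source is normalized into.
    return {"ts": datetime.fromisoformat(ts), "source": source, "user": user,
            "ip": ip, "outcome": "failure" if failed else "success"}

def normalize_sshd(line):
    m = SSHD_RE.match(line)
    return event(m["ts"], "sshd", m["user"], m["ip"], m["res"] == "Failed") if m else None

def normalize_app(line):
    try:
        rec = json.loads(line)
        return event(rec["ts"], "webapp", rec["user"], rec["ip"], rec["event"] == "login_failed")
    except (ValueError, KeyError, TypeError):
        return None

def collect():
    events = [normalize_sshd(l) for l in SSHD_LINES] + [normalize_app(l) for l in APP_LINES]
    return sorted((e for e in events if e), key=lambda e: e["ts"])

def failed_login_alerts(events, threshold, window):
    # "Security event" here: `threshold` or more failures from one IP within `window`.
    by_ip = defaultdict(list)
    for e in events:
        if e["outcome"] == "failure":
            by_ip[e["ip"]].append(e["ts"])
    # Timestamps are sorted, so compare each failure with the one threshold-1 later.
    return {ip for ip, t in by_ip.items()
            if any(t[i + threshold - 1] - t[i] <= window
                   for i in range(len(t) - threshold + 1))}

if __name__ == "__main__":
    print({n: sorted(failed_login_alerts(collect(), n, timedelta(minutes=5))) for n in (3, 5)})
```

With a threshold of 3, the user who mistyped a password across two systems and then logged in successfully is flagged alongside the address cycling through invalid usernames; raising the threshold to 5 keeps only the latter, and shrinking the window to 3 minutes silences both.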

To do otherwise, and embrace a hands-off cybersecurity model, is to let your business remain at risk. Find out more in our SIEM Buyer’s Guide. 

Ben Canner


Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
