Let's say you have data aggregated. Now you can begin to mine it for relevant events. That's the point of SIM, right? Separating the wheat from the chaff? Although there are some common event sets that can be applied to most networks, you can bet you'll be doing (or having done for you) a lot of customization. This is not a fire-and-forget technology by any means.
Is there a benefit to SIM? Sure. If your security administrators can work more efficiently and effectively, that's a big win for already overworked staff. But you have to determine whether the costs will justify the gains.
Mike Fratto is a senior technology editor based in Network Computing's Syracuse University Real-World Labs®; he covers all security-related topics. Prior to joining this magazine, Mike worked as an independent consultant in central New York. Write to him at [email protected].
Arcsight: ArcSight is making strong moves into the SIM space, a product area we see as key for enterprise security management.
IntruVert Networks: IntruVert's thing is high-speed IDS--up to 2 Gbps--and enterprise management. And its IntruShield is OSEC-compliant to boot.
NetScreen Technologies: NetScreen makes the definitive hardware firewall. With its recent acquisition of OneSecure, the company is poised for some interesting integration between the product lines.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
