SIEM and Log Management

CASE STUDY: Overcoming compliance burdens while maximizing 24/7 security

A case study for integrated SIEM and Log Management for Orbis Financial. From investment management to custodial holdings, Orbis Financial has been directly responsible for the safety of assets and securities worth hundreds of millions of dollars since 2005. They employ innovative technology and “zero-conflict” practices for a variety of India-based and foreign concerns wishing to grow and safeguard their investments in India. Orbis is a registered member of the Securities and Exchange Board of India (SEBI). Though their primary headquarters is located in

How CloudAccess creates unique security value

Learn how security-as-a-service leader CloudAccess provides both superior integrated solution features and comprehensive service value-add to any security initiative, including SIEM, log management, identity and access management, vulnerability scanning, asset management and more. Yet the key to a better night’s sleep is not that an organization employs one or many security solutions, but rather that they leverage one another’s capabilities and provide real-time correlation and situational context 24/7/365. Like the old proverb, the whole is stronger than the sum of its parts. And that’s

Evening the Odds

This is not a rant to prove how dangerous the IT business landscape has become. We all know the bad guys are getting bolder and smarter, the stakes are higher and the line between security and sacrifice is nearly transparent. Every IT and security professional is well aware of the risks and works hard at preventing breaches, leaks, intrusions and hacks. But, for a variety of reasons (from budget to headcount to lack of C-level support to tool limitations) it seems that the odds are

7 Reasons your existing SIEM is not enough

We offer a brief SlideShare-based blog to discuss how and why most current deployments of SIEM (Security Information and Event Management) do not go nearly far enough to protect the modern enterprise. Whether considering their deployment form or the Sisyphean effort to continually maintain it with fine tuning and script writing, today’s SIEM needs a fresh approach. For many enterprises, SIEM has evolved into a ubiquitous and useful tool. It is meant to detect, correlate and alert users to potential threats. In fact, it is

Beyond building houses, homebuilders faced with IT security challenges too

Just as home builders across the country install state-of-the-art security and anti-theft devices in many of the beautiful new homes they build, this consideration must extend to the personal and financial information of their homeowner customers stored on their own or their subsidiaries’ servers. Because a pre-loan and mortgage application digs deeper into a person’s financial life than any other commercial form, it holds a treasure trove of information for hackers. Top 10 builder D.R. Horton found this out firsthand last year.

What retailer BCBGMAXAZRIA learned about cloud security, SIEM

The following is an excerpt of the recently released case study on how a major retailer, BCBG, migrated to a cloud security platform and discovered how SIEM and Log Management capabilities enhanced their abilities for enterprise security. For the entire case study, you may download a PDF version here. There was a time when the only security issue retailers needed to be concerned with was theft. Put a guard in the store and a couple of video cameras and prevent as much loss as possible. Those

How do you eat a network security elephant?

One byte at a time. Now before you roll your eyes at my stupid pun, consider the deeper wisdom to this IT twist on a very old adage. Security is big. It encompasses a great many definitions, confronts a great many issues and is addressed through a great many solutions using a great many formats. For many organizations, it can be an overwhelming proposition. Beyond the issues of data defense, regulatory compliance, traffic management, identity regulation, archiving, reporting, access control, intrusion detection, encryption, app administration,

Maneuvering through the IT Threatscape: A video blog

I was fortunate to receive an invitation to speak at the recent 2013 Credit Union InfoSec Conference in Las Vegas. One of the key drivers for many of the attendees is the burden of compliance and finding ways to remove nagging blind spots due to the creation of technology islands meant to analyze and monitor different aspects of keeping applications secure, data and account information private, device inventories and identities properly managed. In my hour-long chat, I looked to frame the issues in terms of

7 Causes of Security Paralysis & Cloud-based Cures

Over and over again the team at CloudAccess are pummeled with statistics on how risk is growing in disproportion to security readiness.

- 91% of companies have experienced at least one IT security event from an external source.
- 90% of all cyber crime costs are those caused by web attacks, malicious code and malicious insiders.
- 40% reported rogue cloud issues (shadow IT) experienced the exposure of confidential information as a result
- 34% share passwords with their co-workers for applications like FedEx, Twitter, Staples, LinkedIn.

These are

Brass tacks: answering the cloud security questions that matter

Enterprise security can be a labyrinthine, complex beast with many moving parts, dozens upon dozens of requirements, needs, implications, options and alternatives. But when we get down to the nitty gritty (the brass tacks if you will), cloud security can be simplified by six simple questions: WHO is logging in? WHAT are they accessing/viewing? WHERE is the device from which that person logs in? WHEN was any asset changed/modified/moved? HOW are they authorized/credentialed? WHAT is the impact of the event? Now determining the answers to