"In the face of increasing regulatory pressures and headline-grabbing hacking activities, enterprises are deploying an ever increasing volume of dedicated security tools. As a result, they are drowning in log and alert data to the point where the tools inhibit their own value. Implementing Security Information & Event Management (SIEM) allows enterprises to manage and respond to an ever-widening range of threats and compliance requirements by consolidating, aggregating, correlating, and reporting on security events." (infotech)
But what do you need to consider? In the session you will hear from four institutitions that use different SIEM solutions from managed to completely on prem. What are the the good, the bad and (possibly) the ugly about having SIEM? Which SIEM solution is right for you?
SIEM Systems Administrator, BCNET
Manager, IT Services, Simon Fraser University
Director Information Security/Information Security Officer, Thompson Rivers University/BCNET
Manager, Information Technology, BCNET
NREN Coordination Manager, CANARIE Inc.