SecurityWeek

Log Management Focus in Mid-Sized Companies Shifting from Compliance to Security

Log management priorities – and tools – are evolving in small-to-medium sized businesses (SMBs), with the focus shifting away from compliance towards security and threat management, according to two recently released surveys.

When queried about the usefulness of log management system data, over 90 percent of the participants in the SANS Institute’s Sixth Annual Log Management Survey ranked “Forensic Analysis and Correlation” as most useful. “Detect/Prevent Unauthorized Access and Insider Abuse,” “Track Suspicious Behavior” and “IT Troubleshooting and Network Operations” were only a couple of percentage points behind.

This represents a dramatic shift in attitudes towards log management systems, which were originally designed as enterprise tools to streamline aspects of the regulatory compliance process through automated report generation. According to The SANS Institute, this shift from a compliance focus to a security focus will soon blur the distinction between log management products and emerging Security Information and Event Management (SIEM) solutions.

The results of a separate survey conducted by RSA confirm that security capabilities are becoming a top priority for SMBs when they evaluate log management products and SIEMs. Eighty-nine percent of respondents to the RSA study cited security operations functions as the primary usage for their SIEM solution, compared with 54 percent who cited compliance. Sixty-six percent ranked real-time monitoring as most important when evaluating a SIEM vendor, and more than 75 percent deemed that capability essential.

According to RSA Marketing CTO Sam Curry, “Regulations have been a catalyst for this industry: in the pursuit of a check mark [to appease regulators], small and medium sized businesses are finding new, deeper and more business-relevant ways to use the tools now in their hands. The RSA and SANS Institute surveys show these companies going beyond mere compliance and reporting and into the more interesting and valuable areas of forensics, operations optimization, risk management and advanced correlation.”

Comments from IT managers at SMBs confirm Curry’s opinion. “Security isn’t just about packets and compliance for our team,” said Charles Beierle, Director of Information Security at RBFCU, a Texas-based credit union. “It’s about combining information and context to create intelligence useful for making business decisions. Efficiently capturing those two components from all kinds of disparate sources has made the case for continued SIEM investment.”
