Educause Security Discussion mailing list archives
SIEM
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Thu, 11 Oct 2012 13:32:16 +0000
Good morning,

Our CIO has had some discussions with Gartner RE: SIEM. I'm familiar with the concept and many of the components, but I don't have a holistic appreciation of the application yet. Offerings being bantered about are from Solarwinds, LogRhythm, Trustwave, Q1Labs and McAfee. I am curious what others' experiences are in the collective realm or with these specific offerings. What kinds of timeframes and budgets did you place on your implementations?

Josh Beeman posted an informal survey that included SIEM as a potential priority over the next 5 years. I'm also curious where other organizations place this with respect to other priorities (Josh's post is in-line below).

This is cross-posted to the SECURITY and NET-MAN lists.

Thanks,
Brian

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joshua Beeman
Sent: Friday, September 28, 2012 8:47 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security 5 Year Strategic Plan

Hi,

I was thinking about this request and why people may have been reluctant to reply. A possibility is that people may feel that sharing a five year plan amongst such a large group could be a) difficult/unsatisfying - given the rate at which threats and technology are evolving, it's a long time to be making predictions, and b) risky - it may be perceived as potentially airing institutional problems/deficiencies to the public unnecessarily.

Nonetheless, I am always interested in what my peers are doing/thinking about. I wondered if there might be more traction in a quasi-anonymous, mostly unscientific survey of what people thought were priorities for the next five years. I took a stab at creating such a survey here:

https://docs.google.com/spreadsheet/viewform?formkey=dHRPTlNiQkpia2x6dENzZU YwbU1YVEE6MQ

You will notice in my preamble I unabashedly admit it is neither comprehensive, nor scientific, so please keep your expectations low!
FYI - For those that are inherently suspicious of links and google forms, a text version is below. Feel free to send your responses to me. I plan to summarize and share any results back to this list.

Josh

*********************
SURVEY [text version]
*********************

Information Security Priorities in the Next 5 Years

Rapidly evolving threats, limited resources and competing priorities can make 5 year Information Security planning difficult. Those that have developed plans may be reluctant to share them because they recognize this difficulty. This is an informal, very unscientific survey meant to help determine if there is some consensus amongst EDU Information Security practitioners about topics/categories that should be prioritized in the next 5 years.

What is the size of your EDU? (Total count of Faculty, Staff and Students) [Optional]

Identify up to 10 of the following items that you believe should/will be prioritized in the next 5 years in your organization. This listing is not comprehensive; items may overlap or have multiple interpretations. If you believe items are missing, please indicate this in the "Other" field. (You can select less than 10, but please do not select more).

* IPv6
* Network security appliance acquisition and installation (IDS, IPS, NGFW, malware detection, etc.)
* Logging
* SIEM
* InCommon Bronze/Silver certification
* Multi-factor authentication
* IDM improvements/strengthening
* Policy
* Compliance (PCI, HIPAA, FISMA, FERPA, etc.)
* Mobile device security (technology)
* Mobile device security (policy)
* Whole disk encryption
* Network segregation
* Re-org/staffing
* Metrics and reporting
* Visualization
* Vulnerability and risk assessment
* Asset management
* Virtual Desktop
* Data Loss Prevention (host or network)
* Application Security
* Cloud security
* Other:

From: Daniel Bennett <daniel.bennett () PCT EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Friday, August 10, 2012 11:35 PM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Security 5 Year Strategic Plan

Hello All,

I am currently working on developing our department's 5 year strategic security plan and was wondering if anyone is willing to share what they feel their focus will be over the next 5 years in regards to their information security infrastructure. I have some ideas but want to see what a broader community is working towards as well.

Thanks,

Daniel Bennett
IT Security Analyst
Adjunct Faculty
Vice-Chair North Central PA Members Alliance
Pennsylvania College of Technology
One College Ave
Williamsport, PA 17701
P:570.329.4989
E:dbennett () pct edu

ITS and Penn College will never solicit you for your username or password in an e-mail.