10 Tips to Choose the Right SIEM Solution

Given the current state of information security, organizations are being asked to strengthen their incident response and security monitoring capabilities. Because cybersecurity threats expose financial institutions to operational, reputational, and financial risks, regulators have raised their expectations that organizations implement, enhance, and adapt strong risk management practices to protect against, detect, respond to, and recover from security incidents. The truth, however, is that many small and mid-size financial institutions still struggle to implement sound security monitoring technologies and practices that mitigate the risk and meet regulatory guidance.

One key component for improving security monitoring is the implementation of a Security Information and Event Management (SIEM) solution. SIEM solutions have been around for many years; their engines have improved, and they can now correlate events from thousands of log sources, detect anomalies, and send alerts and notifications when unusual activity is detected. Depending on the functionality, SIEMs may also offer forensic analysis capabilities, which may help organizations detect and respond to security incidents.

The following are tips that will help you choose the right SIEM solution:

  1. Licensing – Determine the number of systems, applications, and devices to be incorporated
  2. Scalability – Ensure the solution has the capability to accommodate the current and the projected growth
  3. Log compatibility – Ensure that the solution is compatible with your logs
  4. Correlation engine – Does the solution have the ability to search across multiple devices and logs?
  5. Forensic capabilities – Does the solution offer forensic analysis capabilities from the event source?
  6. Dashboards – The solution must provide the ability to easily create dashboards and reports
  7. Threat intelligence – Find out if the solution has the ability to integrate with internal/external intelligence sources
  8. SIEM options: on-premises or cloud-based – Determine if a cloud-based SIEM as a service is the right solution for your organization
  9. Compare your options – Once you have identified your needs and requirements, make sure to compare the capabilities of each solution, and request references
  10. Hire a service provider – To be successful, it is recommended to get support from a service provider with the resources, knowledge, and capabilities to help you throughout the process

WRITTEN BY:

Erick Bacallao joined Champion Solutions Group in 2015 after a career of Software Development in Cuba at the National Cancer Care Institute of Cuba, followed by moving to the States with allAware.

Champion acquired allAware and its properties and Erick has utilized his extensive background and expertise in IT and Software Development to rise to VP of Product Development in less than 5 years. During this time, Erick has been involved with key projects that led to the launch of numerous products including CSP Boss, Inscape platform and 365 Productivity Insights.

Erick has a Bachelor of Science in Computer Science from the University of Havana. He won Gold Medals for Programming from the Ministry of Education in Cuba, and he is certainly still a Gold Medalist for Champion!

 
