As part of its Security-as-a-Service Implementation Guidance Series, the Cloud Security Alliance has released its Security Information and Event Management (SIEM) guide aimed at providing enterprises with best practices for deploying cloud-based SIEM services.
Specifically, the new document, which was prepared by the SecaaS Working Group, provides guidance for best practices on how to evaluate, build, and deploy cloud-based SIEM services to enterprise and cloud-based networks, infrastructure and applications, according to Jim Reavis, co-founder and executive director for the CSA.
“The purpose of this research is to define what Security as a Service means to organizations and provide guidance on how these new practices should be best implemented,” Reavis said in a statement. “Bringing event, threat and risk data seamlessly together is the foundation of SIEM, however doing it in a services model presents a variety of new challenges. This new Guidance will go a long way to helping IT security managers, technical architects, and systems managers take a more comprehensive approach to providing SIEM as a service under a Security as a Service model.”
The CSA’s best practices guide focuses on leveraging cloud-based SIEM services in both cloud and non-cloud environments, including public, private and hybrid clouds as well as traditional non-cloud environments, by looking at the requirements and implementation steps among the many considerations for SIEM.
“The best practices in this research will serve as a foundation and critical component to deriving real value from SIEM and protecting today’s organizations against a myriad of threats,” said Matt Mosley, a senior strategist with NetIQ. “As organizations look to implement and take advantage of the potential benefits of SIEM-as-a-Service, the CSA’s SIEM guidance document will play a vital role in formalizing and extending best practices as well as providing guidance on the key considerations for implementing hybrid or cloud SIEM.”
Earlier this fall, the Cloud Security Alliance (CSA) Mobile Working Group released “Mobile Device Management: Key Components, V1.0,” a research report identifying 17 critical areas for organizations to consider for the full lifecycle security management of mobile devices, TMCnet reported.
Given the proliferation of BYOD (Bring Your Own Device), organizations need to adopt policies and practices to prevent any compromise in security, including a system-centric functionality to secure and manage data and applications, as well as information-centric functionality such as the delivery of the enterprise application stores or content library, CSA officials said.
Edited by Brooke Neuman