Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: SIEM
From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Thu, 11 Oct 2012 08:27:44 -0700


 Our SIEM is one of our most valuable security tools. After several years of having it in place, it is hard for me to 
imagine how we could operate without it! :)

Brian Basgen
Assistant Vice Chancellor IT (Acting)
Sent from my mobile device

On Oct 11, 2012, at 6:40 AM, "Brian Helman" <bhelman () SALEMSTATE EDU> wrote:

Good morning,

Our CIO has had some discussions with Gartner RE: SIEM.  I'm familiar with the concept and many of the components, 
but I don't have a holistic appreciation of the application yet.  Offerings being bantered about are from Solarwinds, 
LogRhythm, Trustwave, Q1Labs and McAfee.  I am curious what other's experiences are in the collective realm or with 
these specific offerings.  What kinds of timeframes and budgets did you place on your implementations?

Josh Beeman posted an informal survey that included SIEM as a potential priority over the next 5 years.  I'm also 
curious where other organizations place this with respect to other priorities (Josh's post is in-line below).

This is cross-posted to the SECURITY and NET-MAN lists.

Thanks,
Brian

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joshua 
Beeman
Sent: Friday, September 28, 2012 8:47 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Security 5 Year Strategic Plan

Hi,

I was thinking about this request and why people may have been reluctant to reply.  

A possibility is that people may feel that sharing a five year plan amongst such a large group could be
a) difficult/unsatisfying - given the rate at which threats and technology is evolving, it's a long time to be making 
predictions, and
b) risky - it may be perceived as potentially airing institutional problems/deficiencies to the public unnecessarily.

Nonetheless, I am always interested in what my peers are doing/thinking about.  I wondered if there might be more 
traction in a quasi-anonymous, mostly unscientific survey of what people thought were priorities for the next five 
years. I took a stab at creating such a survey here:
https://docs.google.com/spreadsheet/viewform?formkey=dHRPTlNiQkpia2x6dENzZU
YwbU1YVEE6MQ 

You will notice in my preamble I unabashedly admit it is neither comprehensive, nor scientific, so please keep your 
expectations low!

FYI - For those that are inherently suspicious of links and google forms, a text version is below.  Feel free to send 
your responses to me.  I plan to summarize and share any results back to this list.

Josh


*********************
SURVEY [text version]
*********************

Information Security Priorities in the Next 5 YearsRapidly evolving threats, limited resources and competing 
priorities, can make 5 year Information Security planning difficult.

Those that have developed plans may be reluctant to share them because they recognize this difficulty.

This is an informal, very unscientific survey meant to help determine if there is some consensus amongst EDU 
Information Security practitioners about topics/categories that should be prioritized in the next 5 years.

What is the size of your EDU?  (Total count of Faculty, Staff and
Students) [Optional]


Identify up to 10 of the following items that you believe should/will be prioritized in the next 5 years in your 
organization.  This listing is not comprehensive, items may overlap or have multiple interpretations.

If you believe items are missing, please indicate this in the "Other"
field.

*(You can select less than 10, but please do not select more).

* IPv6
* Network security applicance acquisition and installation (IDS, IPS, NGFW, malware detection, etc.)
* Logging
* SIEM
* InCommon Bronze/Silver certification
* Multi-factor authentication
* IDM improvements/strengthening
* Policy
* Compliance (PCI, HIPAA, FISMA, FERPA, etc.)
* Mobile device security (technology)
* Mobile device security (policy)
* Whole disk encryption
* Network segregation
* Re-org/staffing
* Metrics and reporting
* Visualization
* Vulnerability and risk assesment
* Asset management
* Virtual Desktop
* Data Loss Prevention (host or network)
* Application Security
* Cloud security
* Other:


From:  Daniel Bennett <daniel.bennett () PCT EDU>
Reply-To:  The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date:  Friday, August 10, 2012 11:35 PM
To:  "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject:  [SECURITY] Security 5 Year Strategic Plan


Hello All,

I am currently working on developing our departmentĀ¹s 5 year strategic security plan and was wondering if anyone is 
willing to share what they feel their focus will be over the next 5 years in regards to their  information security 
infrastructure.  I have some ideas but want to see what a broader community is working towards as well.

Thanks,

Daniel Bennett
IT Security Analyst
Adjunct Faculty
Vice-Chair North Central PA Members Alliance

Pennsylvania College of Technology
One College Ave
Williamsport, PA 17701

P:570.329.4989
E:dbennett () pct edu

ITS and Penn College will never solicit you for your username or password in an e-mail.



  By Date           By Thread  

Current thread:
  • SIEM Brian Helman (Oct 11)
    • Re: SIEM Basgen, Brian (Oct 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault