IT Security Guru

The Guru Briefing: Graeme Stewart, LogPoint UK & Ireland

by The Gurus
May 27, 2016
in News, This Week's Gurus

In security, SIEM is sometimes hailed as a ‘holistic’ approach, while others look upon it as a box-ticking facet of security, there for compliance purposes rather than for actually defending against and reacting to security incidents. With so much confusion over the issue, the Guru felt it was time to sit down with someone who knows the topic inside out – enter Graeme Stewart, managing director at LogPoint UK & Ireland. We were lucky enough to be able to pose some questions to him on all things SIEM to demystify the subject.
ITSG: What is SIEM?
GS: To explain simply, SIEM (Security Information and Event Management) is a technology that reconciles security information in order to provide real-time analysis and security alerts. All network information, from routers to web servers, generates logs regarding what is happening on a network.
The more complex the device, the more sophisticated the information contained within these logs. Organisations are spending billions of pounds protecting this data from external parties; a SIEM solution helps businesses make greater use of this wealth of data so IT analysts are able to detect security incidents and provide enhanced business intelligence.
ITSG: How does it work?
GS: In theory, every device connected to an IT network generates logs. The problem is that these logs are all generated in a different format. It’s similar to attending an EU Summit whereby officials are not wearing a language headset; everyone is speaking to each other in a different language. The information is available, but nobody is able to understand it.
A business’ IT structure may utilise multiple vendors and systems, all of which are generating different types of information. SIEM takes this information and ‘normalises’ it, effectively converting it into a single language. This then lets users analyse security data in context, allowing departments to make informed decisions based on the information available.
ITSG: How has this form of technology come about and where did it evolve from?
GS: This technology has evolved from older generations of Systems Management technology. Many years ago, security professionals were only interested in generating vast amounts of security logs so they could understand what was happening within their network. For as long as computers have existed, users have always wanted to monitor their systems to extract value from the information logs.
Back in the 90s this was known as data mining, and in modern times, this process has allowed websites to make intelligent decisions based on the sheer amount of data that is available. This can especially be seen in the advertising industry, for example, whereby Facebook is able to examine users’ profile details and, based on the content a person likes or shares, is able to advertise similar products that may be of interest to that specific user. In essence, this is how a SIEM functions.
ITSG: What kinds of data are most useful in apprehending cyberattacks?
GS: In general, most data could be used to help businesses make intelligent decisions, if utilised correctly. In regards to security, if a company has been collecting security logs over a number of years, it can review a previous virus or cyber-attack that has taken place. This is useful because every cyber-attack has specific characteristics attributed to it. This data therefore enables businesses to identify whether they’ve previously had the ‘symptoms’ of a virus, investigate any previous potential breaches and thus help prevent further attacks of a similar nature. Unfortunately, this is something that the majority of antivirus technology is unable to do because when deploying an anti-virus system, it will only function from the moment of installation until the licence expires, looking forward rather than backwards.
ITSG: How do SIEM systems assist with compliance?
GS: Almost all government organisations have a requirement to hold logs and events for investigatory purposes in a tamper-proof way that can be used in a forensically appropriate manner. Many CIOs within organisations see compliance as a ‘tick box exercise’, not understanding the true value a SIEM solution could provide. We want to educate the market regarding how businesses can utilise this data and do something more valuable with the information obtained.
ITSG: What kind of advancements do you foresee in this field of security in the coming years?
GS: SIEM is an extremely intelligent tool, and should be considered as much more than just a box-ticking exercise. For example, a SIEM solution can identify that an employee has logged into a database that he or she has no authority to access, which could result in disciplinary action. If the SIEM solution is also plugged into the HR infrastructure, it may notify the user that the employee is on annual leave, and therefore the security situation must be addressed in a completely different way.
The additional context the system can provide is where SIEM will become increasingly useful to businesses going forward, helping companies to make more informed decisions. We believe the future of SIEM involves more than just compliance. This is a tool that, in a world with more data than ever before, helps sift through the noise to make the most intelligent security and business decisions.
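
The normalisation step and the HR-context scenario described in the interview, as an added example that is not part of the interview and is not LogPoint's code. The three log formats, the sample lines, the common schema and the DB_ACL and ON_LEAVE feeds are all constructed for illustration.

```python
import re
from datetime import datetime, date

# Constructed sample events, one per source format (not taken from the interview).
RAW = [
    ("sshd", "2016-05-27T09:14:02Z host1 sshd[411]: Accepted password for jsmith from 10.0.0.5 port 5022"),
    ("apache", '10.0.0.9 - akhan [27/May/2016:09:15:10 +0000] "GET /admin HTTP/1.1" 403 199'),
    ("dbaudit", "ts=2016-05-27T09:16:45 user=jsmith action=login db=payroll result=success"),
]
# Hypothetical context feeds: database entitlements and the HR leave calendar.
DB_ACL = {"payroll": {"akhan"}}
ON_LEAVE = {"jsmith": (date(2016, 5, 23), date(2016, 5, 31))}

def event(ts, source, user, action, target, outcome):
    """The single 'language' every source is converted into."""
    return dict(time=ts, source=source, user=user, action=action, target=target, outcome=outcome)

def parse_sshd(line):
    m = re.match(r"(\S+) (\S+) sshd\[\d+\]: (Accepted|Failed) \S+ for (\S+) from", line)
    ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    return event(ts, "sshd", m.group(4), "login", m.group(2), "success" if m.group(3) == "Accepted" else "failure")

def parse_apache(line):
    m = re.match(r'\S+ \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})', line)
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)  # sample is UTC
    return event(ts, "apache", m.group(1), m.group(3).lower(), m.group(4), "success" if int(m.group(5)) < 400 else "failure")

def parse_dbaudit(line):
    kv = dict(pair.split("=", 1) for pair in line.split())
    ts = datetime.strptime(kv["ts"], "%Y-%m-%dT%H:%M:%S")
    return event(ts, "dbaudit", kv["user"], kv["action"], kv["db"], kv["result"])

PARSERS = {"sshd": parse_sshd, "apache": parse_apache, "dbaudit": parse_dbaudit}

def normalise(raw):
    """Convert every raw line to the common schema and order by time."""
    return sorted((PARSERS[src](line) for src, line in raw), key=lambda e: e["time"])

def triage(events):
    """Flag successful database logins by users without entitlement, with HR context."""
    alerts = []
    for e in events:
        if e["source"] != "dbaudit" or e["outcome"] != "success" or e["user"] in DB_ACL.get(e["target"], set()):
            continue
        leave = ON_LEAVE.get(e["user"])
        away = leave is not None and leave[0] <= e["time"].date() <= leave[1]
        alerts.append((e["user"], e["target"], "possible credential misuse" if away else "unauthorised access"))
    return alerts
```

Calling triage(normalise(RAW)) on the sample data flags the payroll login by jsmith, and the leave record changes how that alert is labelled.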


 
About Graeme Stewart, Managing Director of LogPoint UK & Ireland
Graeme leads the UK team for LogPoint, an innovative Danish SIEM vendor whose intuitive, adaptable solution is already deployed across Europe and Scandinavia.
Graeme is passionate about improving organisational information security with a practical, real-world approach, and has been involved in multiple industry and Government initiatives to highlight the importance of cyber security to Board and Public Sector executives. He has 20 years’ experience in IT and organisational data security with management roles at McAfee, Sophos, ClearSwift, PGP and Symantec. Graeme is a published thought leader, and an accomplished public speaker and media spokesperson.
About LogPoint
Founded in Denmark, LogPoint is a SIEM specialist with over 300 clients across Europe experiencing its technology since 2008. LogPoint SIEM collates millions of data logs from the disparate systems in your organisation and extracts meaningful information from them that you can act on.
Users enjoy how easily it adapts to stay in sync with client needs, from surpassing compliance demands, to seamlessly defending against cybercrime and fraud, and optimising IT operations. LogPoint’s SIEM software is NATO standard EAL3+ certified, costed on a direct affordable basis and flexible to suit your changing requirements. The scale-as-you-grow principle allows for quick and easy visualisation with only a few resources – no matter how vast the IT landscape, no matter how dense the data. With headquarters in Copenhagen, its sales and support offices are located throughout Europe and its partnerships reach across the globe.
 
