SIEM for the Consumer-Facing Enterprise: The Lowdown

The consumer-facing enterprise, especially in the retail space, faces some of the most dangerous attacks from external threat actors. Regardless of its size, your consumer-facing enterprise needs a SIEM solution to better protect itself in the digital marketplace.

But why? What can SIEM offer your consumer-facing enterprise? What benefits can it give you in this perilous time of data breaches?

We dive into these questions and more:  

First, Shake Yourself of Any Delusions

Once upon a time, only the largest enterprises needed to deploy a SIEM solution; even then, they only needed it to help them with their compliance reporting and log management.

We don’t live in those times anymore. We haven’t for quite some time.

SIEM provides threat intelligence, threat detection and remediation, security alerts, and security event correlation, among other capabilities. As cybersecurity transitions from a prevention model to a detection model, your consumer-facing enterprise needs these capabilities more than ever.

Modern threats constantly evolve to become more evasive and more penetrative; legacy solutions no longer prove adequate to prevent them.

Moreover, as we’ve stated time and time again (and accurately, we add), small businesses serve as a prime target for hackers, which leads to overwhelmingly worse consequences. You may not wish to believe your business is a target for cyber attacks. It doesn’t change the facts.

In other words, you must come to terms with two truths:

  1. Your consumer-facing enterprise is a target for hackers.
  2. You need a SIEM solution to fight them back.   

With that firmly established…

SIEM Prevents PCI DSS Compliance Failures

SIEM helps ensure your consumer-facing enterprise remains in compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS enforces the standards for how a retailer handles (collects and stores) consumers’ payment card information. Failing to comply with PCI DSS standards often translates to fines as high as $100,000 (or $500,000 depending on the scenario).   

In addition, failing to meet compliance regulations like PCI DSS can also result in a long-term loss of customers and professional reputation. Assigning a concrete value to these damages proves impossible, but it certainly has a noticeable effect.  

SIEM helps your enterprise comply with PCI DSS by monitoring your network for potential security holes and helping with patches. You can also tailor your SIEM solution to alert you to suspicious third-party activity, which often causes PCI DSS failures.   

SIEM Helps Prevent Phishing Attacks

Phishing stands as the most popular attack tactic for external threat actors. With the right social engineering, their malware or credential-stealing ruse seems as legitimate as any other business communication. We consulted the Inky “Welcome to 2019: Phishing Gets Personal Email Security Report” for some perspective on the evolution of phishing attacks:

  • 12% of phishing attacks impersonated a VIP in the enterprise. These attacks use the name of the CEO or a C-suite executive from a finance department and an email address which seems plausible as a personal account. Often, they draw on a fake sense of urgency for their request.
  • 11% of the assessed phishing attacks used sender forgery; this attack poses as a known and trusted contact of the recipient. Often they spoof a corporate email (which proves easy to fake).
  • 73% of phishing qualified as a mixed bag, using techniques as diverse as impersonating the IT help desk, an invoice notification, or fax notifications with malicious attachments or links to malicious, credential-stealing websites.

Ultimately, according to Inky, email delivers 92% of all malware. In retail or another consumer-facing industry, your employees will face a deluge of messages from customers and partners alike. A phishing attack could easily hide in the flood. However, your consumer-facing enterprise can fortify itself against phishing with a SIEM solution.

SIEM can provide you with email security, blocking the vast majority of phishing emails before they arrive in your employees’ inboxes. Moreover, its threat detection and remediation can determine if an email carrying malware enters the network, allowing IT security teams to contain the threat before it wreaks total havoc.
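The first two patterns in the list above (VIP impersonation from a personal-looking account, and forgery of a corporate sender) map to header checks that a mail gateway or SIEM rule can apply. The sketch below is an added example, not code from this article or from the Inky report; the domain, the VIP directory and the sample messages are constructed placeholders, and it assumes the Authentication-Results header was stamped by your own gateway.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical values for illustration only.
CORP_DOMAIN = "example-retail.test"
VIPS = {"jane doe": "jane.doe@example-retail.test"}  # display name -> real address

def classify(raw):
    """Return a list of phishing indicators found in one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    name = " ".join(name.lower().split())      # normalise case and spacing
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    # Only trust this header when your own gateway added it.
    auth = msg.get("Authentication-Results", "").lower()
    failed = set(re.findall(r"\b(spf|dkim|dmarc)=(?:fail|softfail)\b", auth))

    findings = []
    # An executive's display name paired with an address that is not theirs.
    if name in VIPS and addr != VIPS[name]:
        findings.append("vip_impersonation")
    # The From header claims the corporate domain but authentication failed.
    if domain == CORP_DOMAIN and ("dmarc" in failed or {"spf", "dkim"} <= failed):
        findings.append("sender_forgery")
    return findings

# Constructed sample messages (not real traffic).
SAMPLES = {
    "vip": 'From: "Jane Doe" <jane.doe.ceo@mailbox.test>\n'
           "Authentication-Results: mx.example-retail.test; spf=pass; dkim=pass; dmarc=pass\n"
           "Subject: Urgent request\n\nAre you at your desk?\n",
    "forged": 'From: "Accounts Payable" <ap@example-retail.test>\n'
              "Authentication-Results: mx.example-retail.test; spf=fail; dkim=none; dmarc=fail\n"
              "Subject: Updated invoice\n\nSee attached.\n",
    "clean": 'From: "Jane Doe" <jane.doe@example-retail.test>\n'
             "Authentication-Results: mx.example-retail.test; spf=pass; dkim=pass; dmarc=pass\n"
             "Subject: Q3 numbers\n\nThanks all.\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, classify(raw))
```

Findings like these are most useful when forwarded to the SIEM as events, so they can be correlated with later sign-in or endpoint activity from the same recipient.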

SIEM Forces You To Pay Attention

This illustrates cybersecurity not as separate from your business processes but as an essential business process in and of itself. SIEM forces you to pay closer attention to how you conduct your transactions and communications, looking for both dangerous redundancies and exposure risks. It asks you to closely observe how you conduct your e-commerce and ensure it integrates and updates with modern demands and modern solutions.

Additionally, SIEM increases your network and database visibility. “You cannot protect what you cannot see,” goes the recurrent cybersecurity maxim. SIEM helps ensure you become aware of the data your business collects and where you store it, and forces you to ask why you need it.

What SIEM demands of your consumer-facing enterprise are resources: time, energy, and, yes, capital. In a consumer-facing enterprise, you may feel these resources are too precious to part with. Yet you must. Your consumers look to your business to keep their data secure, and failing to do so can push them to your competitors.

Don’t let that be your fate.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.