{"id":1527,"date":"2018-05-24T10:49:27","date_gmt":"2018-05-24T14:49:27","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=1527"},"modified":"2019-06-24T12:50:44","modified_gmt":"2019-06-24T16:50:44","slug":"good-siem-deployment-advice-courtesy-gartner","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/","title":{"rendered":"Good SIEM Deployment Advice, Courtesy of Gartner"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1186\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg\" alt=\"SIEM Deployment \" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/7-key-siem-capabilities-look-solution\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a> solutions are hard.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Thankfully, 
technology research firm <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/gartner-siem-magic-quadrant-whats-visionary\/\" target=\"_blank\" rel=\"noopener noreferrer\">Gartner<\/a> released their 2018 report \u201cHow to Deploy a Security Information and Event Management Solution Successfully,\u201d which might provide the answers your enterprise is looking for.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/next-gen-siem-aisiem-gary-southwell-seceon\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a> is one of, if not the, most vital parts of any comprehensive enterprise-level cybersecurity platform in the modern age. Detection has taken precedence over prevention in modern cybersecurity paradigms. A SIEM solution\u2019s ability to collect, aggregate, and analyze data from disparate data sources throughout your enterprise\u2019s IT environment makes it unparalleled in threat detection. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">A successful SIEM deployment is the key to overcoming the challenges of the solution and getting the most from it. But how do enterprises initiate a successful SIEM deployment? 
What should they prioritize?<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Clearly Understand Your SIEM Solution&#8230;and Your Enterprise <\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">First, a good SIEM deployment starts with picking the right SIEM solution for your enterprise. This may be easier said than done. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to Gartner, your enterprise should first make a shortlist of potential SIEM solution providers and send each a request for proposal to evaluate what they can offer your enterprise specifically. After that, you should ask those vendors still in consideration for a proof of concept to obtain a better sense of the solutions in a practical, hands-on manner. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Simultaneously, Gartner points out that this extended evaluation process is only one half of choosing the right SIEM solution. The other half is evaluating your own enterprise. What is the scope your SIEM solution needs? What are your use-cases? What are your cybersecurity capabilities: staff, talent, and resources? Do you have the right IT architecture for a SIEM deployment? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">These aren\u2019t idle questions. 
Having an insufficient architecture or cybersecurity staff can result in inadequate disaster recovery capabilities, unfulfilled security objectives, and a skyrocketing cybersecurity budget. It can also limit your enterprise\u2019s scalability, whether on-premises or in the cloud. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Other suggestions from Gartner include examining the number of log sources in your enterprise, determining your available bandwidth, and considering the regulatory compliance measures your enterprise must meet. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If your SIEM deployment seems far too daunting after these evaluations, Gartner recommends that you consider selecting a fully managed security service for SIEM or a co-managed SIEM service. \u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SIEM Deployment Requires Time. Make the Right Allowances<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Among Gartner\u2019s crucial recommendations, one of their most emphasized is that rushing into SIEM deployment\u2014bombarding your new solution with all of your available data sources and event data\u2014is the fastest way to fail at proper deployment. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The same applies to collecting all of the data from your enterprise and planning to sort it out later\u2014a fast track to failure. Instead, Gartner recommends a phased, output-driven approach to your SIEM deployment. Your enterprise should determine its ideal scope and use-case, and build its SIEM requirements from those inputs. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Your enterprise needs to carefully decide which data sources it considers to be the most important. 
Then, you should onboard those sources during your SIEM deployment in a deliberate manner to slowly increase your solution\u2019s capabilities.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Gartner states that a good gradual deployment model may be a use-case-by-use-case approach or one that starts by implementing centralized log management. The latter can be deployed separately and relatively easily, and with more potential scalability. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In other words, Gartner recommends that you don\u2019t think of SIEM deployment as a set-it-and-forget-it affair. Think of it as an ongoing process, one that takes commitment and investment. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Integrate Your SIEM Deployment into Your Enterprise<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">How will your users\u2014employees and customers\u2014interact with your selected SIEM solution? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">That\u2019s a critical question Gartner raises, and one that your enterprise should be raising as well. This question is in fact intertwined with others: how will users respond to the new security? How will your current security platforms mesh with your SIEM deployment? How will SIEM affect your business processes? SIEM is a resource- and talent-intensive solution that can be disruptive if not properly deployed. The interface needs to be intuitive so that users can adapt to it easily and learn to work with it, not against it. The alternative could constitute a major security hole. <\/span><\/p>\n<div class=\"hr hr\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>SIEM solutions are hard. 
Thankfully, technology research firm Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d which might provide the answers your enterprise is looking for. SIEM is one of, if not the, most vital parts of any comprehensive enterprise-level cybersecurity platform in the modern age. Detection has [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1186,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[128,56,95,13,86,36,21,57,696,22,695],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Good SIEM Deployment Advice, Courtesy of Gartner<\/title>\n<meta name=\"description\" content=\"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. How should you do SIEM deployment?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Good SIEM Deployment Advice, Courtesy of Gartner\" \/>\n<meta property=\"og:description\" content=\"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. 
How should you do SIEM deployment?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-24T14:49:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-06-24T16:50:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/\",\"name\":\"Good SIEM Deployment Advice, Courtesy of Gartner\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg\",\"datePublished\":\"2018-05-24T14:49:27+00:00\",\"dateModified\":\"2019-06-24T16:50:44+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. 
How should you do SIEM deployment?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg\",\"width\":800,\"height\":400,\"caption\":\"SIEM Deployment\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Good SIEM Deployment Advice, Courtesy of Gartner\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Good SIEM Deployment Advice, Courtesy of Gartner","description":"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. 
How should you do SIEM deployment?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/","og_locale":"en_US","og_type":"article","og_title":"Good SIEM Deployment Advice, Courtesy of Gartner","og_description":"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. How should you do SIEM deployment?","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2018-05-24T14:49:27+00:00","article_modified_time":"2019-06-24T16:50:44+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/","name":"Good SIEM Deployment Advice, Courtesy of Gartner","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg","datePublished":"2018-05-24T14:49:27+00:00","dateModified":"2019-06-24T16:50:44+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Gartner released their 2018 \u201cHow to Deploy a Security Information and Event Management Solution Successfully\u201d report. 
How should you do SIEM deployment?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/board-meeting-modified.jpg","width":800,"height":400,"caption":"SIEM Deployment"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/good-siem-deployment-advice-courtesy-gartner\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Good SIEM Deployment Advice, Courtesy of Gartner"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. 
You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1527"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=1527"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1527\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1186"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=1527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=1527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=1527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}