{"id":2539,"date":"2019-04-15T15:25:20","date_gmt":"2019-04-15T19:25:20","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2539"},"modified":"2019-11-20T15:23:37","modified_gmt":"2019-11-20T19:23:37","slug":"enterprise-siem-evolution-cybersecurity-isnt-static","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/","title":{"rendered":"Enterprise SIEM Evolution; Cybersecurity Isn’t Static"},"content":{"rendered":"

\"Enterprise<\/p>\n

Thanks to <\/span>SIEM<\/span><\/a> evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. <\/span><\/p>\n

Understanding SIEM evolution provides valuable insights into the evolution of cybersecurity overall. Every cybersecurity product changes and adapts to the demands of the market and to changes in cyber attacks. Looking back, we may yet be able to predict the future of the solutions for enterprises.<\/span><\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n

With this information in mind, we hope enterprises can better determine their InfoSec use case and select the right solution for them. <\/span><\/p>\n

Here\u2019s our brief history of <\/span>SIEM<\/span><\/a> evolution: <\/span><\/p>\n

What is SIEM? <\/b><\/h3>\n

Before we can explore <\/span>SIEM<\/span><\/a> evolution in-depth, we must first understand what exactly we mean by \u201cSIEM.\u201d Usually, <\/span>SIEM<\/span><\/a>\u2014Security Information and Event Management\u2014refers to solutions combining a log management solution and a threat monitoring solution.<\/span><\/p>\n

Under normal circumstances, every application, database, and network location generates plaintext data. Compiling and normalizing all of this data proves essential to analyzing it and discovering potentially lurking security events.<\/span><\/p>\n

However, as enterprise networks scale, discovering all of the locations within your IT environment can present its own challenge; from there, manually collecting all of the data, then normalizing it into a consistent language, adds another layer of complexity. Without a solution, your IT security team can swiftly become overwhelmed.<\/span><\/p>\n

SIEM performs all these functions automatically, increasing enterprise visibility into its IT environment and illuminating dark spaces. Then, SIEM follows programmed correlation rules to evaluate the data for security events and alert your security team to investigate. <\/span><\/p>\n

With that context established, we can more closely examine SIEM evolution. <\/span><\/p>\n

The Time Before SIEM<\/b><\/h3>\n

To summarize, SIEM evolved from a simple log management tool to an absolute necessity in enterprise cybersecurity. But why? <\/span><\/p>\n

The roots of SIEM begin with simple log management. In fact, SIEM didn\u2019t even exist until (relatively) recently. At the time, log management simply collected data automatically and stored it for a predetermined amount of time. Only rarely did enterprises analyze this logged data for security information; few security analytics tools existed then. Moreover, the solutions could only indicate signs of a breach far after its discovery.<\/span><\/p>\n

The earliest incarnations of SIEM\u2019s ancestors took shape after this: Security Information Management and Security Event Management. The former offered log management as well as historical analysis, and forensic capabilities for enterprises. Meanwhile, the latter provided threat management for network environments and incident response support.<\/span><\/p>\n

In other words, the earliest days of log management lacked the actual threat monitoring necessary to modern cybersecurity. Only when SIM and SEM technologies merged did SIEM takes it first steps in the cybersecurity marketplace.<\/span><\/p>\n

The Early Days of SIEM Evolution<\/b><\/h2>\n

When <\/span>SIEM<\/span><\/a> first attracted attention from the cybersecurity market, enterprises generally employed the solutions as a compliance tool.<\/span><\/p>\n

Large enterprises, in addition to small-to-medium-sized businesses (SMBs), have governmental and industrial cybersecurity compliance mandates they must fulfill. Obviously, larger enterprises must fulfill more mandates than smaller businesses; this can add another stressor to your IT security team\u2019s already busy schedule, even if you have a larger team. <\/span><\/p>\n

With SIEM, enterprises can more readily complete their regulatory obligations. Typically, the solutions provide out-of-the-box template reports for major compliance initiatives like HIPAA; this, in turn, allows for easy filling with fewer resources and a lesser time commitment. <\/span><\/p>\n

Due to this emphasis, smaller businesses once dismissed SIEM as an expense beyond their needs; these businesses reasoned they could fulfill their much lower mandatory obligations on their own. <\/span><\/p>\n

However, while SIEM solutions still provide compliance, the direction of SIEM evolution now aligns it more closely with cybersecurity needs. Here\u2019s how.<\/span><\/p>\n

SIEM Evolution and Threat Monitoring <\/b><\/h2>\n

In the earliest days of <\/span>SIEM<\/span><\/a>, cybersecurity solutions and capabilities focused on prevention. If enterprises could deflect or deter malware and hackers, so the logic went, enterprises could rest easy. <\/span><\/p>\n

Unfortunately, as hackers developed and refined their cyber attacks, this security paradigm became less and less viable. Currently, no preventative cybersecurity capability or policy can defend against 100% of all digital threats. While a strong security perimeter remains a crucial component to your digital safety, you must supplement it with threat monitoring. <\/span><\/p>\n

Threats which penetrate your digital perimeter can dwell on your IT environment for months before your team detects it. The longer the threat lingers on the network, the more damage it can wreak. Therefore, you need to cut hackers off at the pass, so to speak, with your security analytics capabilities. \u00a0<\/span><\/p>\n

Thanks to SIEM evolution, these solutions increase your network visibility, thereby reducing hacker dwell time. Additionally, the most recent incarnations of SIEM solutions featured behavior analytics to help monitor users and third-parties. Further, solution providers have added new layers of sophistication to their correlation capabilities; this permits enterprises to adjust their correlation rules with greater ease. <\/span><\/p>\n

Since enterprises must deploy, evaluate, and manage their own correlation rules, this is an important capability for enterprise InfoSec.<\/span><\/p>\n

Security Operations Evolution<\/b> \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/h3>\n

Interestingly, SIEM evolution correlates with the evolution of security operations centers (SOCs) in a sort of symbiotic relationship.<\/span><\/p>\n

We <\/span>covered<\/span><\/a> the <\/span>importance<\/span><\/a> and capabilities of a fully functional security operations center in previous articles; at its core, a security operations center should form the heart of your cybersecurity posture and policies. Ideally, your SOC should serve as the core of your incident response plans and your threat monitoring efforts. In addition, your SOC should house your threat hunting team, who conducts investigations based on SIEM\u2019s security alerts. <\/span><\/p>\n

Indeed, SIEM evolution led to the rise and refinement of security alerts. As vendors continue to innovate their security alerting and anti-false positive capabilities, SOCs can improve their threat hunting to match. Threat hunting can\u2019t simply rely on human intelligence\u2014these alerts help direct their investigations. <\/span><\/p>\n

Moreover, these alerts can help guide your enterprise\u2019s incident response plans; these need to correspond to the most relevant threats facing your industry vertical and size. <\/span><\/p>\n

The evolution of SIEM doesn\u2019t just follow the history of cyber attacks. It corresponds to the evolution of other cybersecurity solutions and technologies. After all, SIEM works best as part of a larger InfoSec platform with IAM and endpoint security. You should always remember that when selecting your solution. \u00a0<\/span><\/p>\n

If you would like to learn more about SIEM and where it stands now in the current marketplace, be sure to check out our Buyer\u2019s Guide<\/a>. We detail the top vendors in the field, their key capabilities, and our Bottom Lines.<\/span><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. Understanding SIEM evolution provides valuable insights into the evolution of cybersecurity overall. Every cybersecurity product changes and adapts to the demands of the market and to changes in cyber attacks. Looking back, we may yet be able to predict the future of […]<\/p>\n","protected":false},"author":41,"featured_media":2540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[353,95,112,86,212,306,21,57,22,373],"acf":[],"yoast_head":"\nEnterprise SIEM Evolution; Cybersecurity Isn't Static<\/title>\n<meta name=\"description\" content=\"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Enterprise SIEM Evolution; Cybersecurity Isn't Static\" \/>\n<meta property=\"og:description\" content=\"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-15T19:25:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-11-20T19:23:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/\",\"name\":\"Enterprise SIEM Evolution; Cybersecurity Isn't Static\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg\",\"datePublished\":\"2019-04-15T19:25:20+00:00\",\"dateModified\":\"2019-11-20T19:23:37+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg\",\"width\":800,\"height\":400,\"caption\":\"Enterprise SIEM Evolution; Cybersecurity Isn't Static\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Enterprise SIEM Evolution; Cybersecurity Isn’t Static\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Enterprise SIEM Evolution; Cybersecurity Isn't Static","description":"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/","og_locale":"en_US","og_type":"article","og_title":"Enterprise SIEM Evolution; Cybersecurity Isn't Static","og_description":"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2019-04-15T19:25:20+00:00","article_modified_time":"2019-11-20T19:23:37+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/","name":"Enterprise SIEM Evolution; Cybersecurity Isn't Static","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg","datePublished":"2019-04-15T19:25:20+00:00","dateModified":"2019-11-20T19:23:37+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Thanks to SIEM evolution, analytical cybersecurity solutions remain relevant to enterprise policies today. How has SIEM changed?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2019\/04\/siem-evolution-how-cybersecurity-adapts-to-new-threats.jpg","width":800,"height":400,"caption":"Enterprise SIEM Evolution; Cybersecurity Isn't Static"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/enterprise-siem-evolution-cybersecurity-isnt-static\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Enterprise SIEM Evolution; Cybersecurity Isn’t Static"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2539"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2539"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2539\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2540"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}