{"id":3062,"date":"2020-07-06T16:29:40","date_gmt":"2020-07-06T20:29:40","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3062"},"modified":"2020-07-06T16:29:40","modified_gmt":"2020-07-06T20:29:40","slug":"should-we-move-to-a-new-definition-of-siem","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/","title":{"rendered":"Should We Move to a New Definition of SIEM?"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-2895\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\" alt=\"Should We Move to a New Definition of SIEM?\" width=\"800\" height=\"480\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation-300x180.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation-768x461.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation-450x270.jpg 450w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation-135x81.jpg 135w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Should we move to a new definition of SIEM? 
What should experts and enterprises consider and discuss in relation to <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">SIEM solutions<\/span><\/a><span style=\"font-weight: 400\">?\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Why do we need to consider a new definition of SIEM? IT decision-makers across the U.S. still don\u2019t think of SIEM as a necessary component of their modern cybersecurity platforms. Previously, SIEM only belonged in the realm of large or global enterprises. However, these solutions evolved, and continue to do so; now, they offer capabilities suited to cybersecurity for enterprises of all sizes.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here\u2019s why we must consider a new definition of SIEM.\u00a0<\/span><\/p>\n<h2 style=\"text-align: justify\"><b>Towards a New Definition of SIEM\u00a0<\/b><\/h2>\n<h3 style=\"text-align: justify\"><b>SIEM In the Past<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Previously, SIEM performed many of the tasks it does today; it collected and aggregated data from disparate network locations, scanned the information for security event data, and generated alerts.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Yet only large enterprises selected and deployed SIEM. This stemmed from SIEM\u2019s compliance capabilities, which are still in operation today. 
The solutions provide out-of-the-box compliance reporting capabilities, which can help with fulfilling mandates.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Additionally, many organizations considered SIEM far too expensive to either deploy or maintain. Further, SIEM requires a dedicated IT security team, which proves hard to assemble during the ongoing cybersecurity staffing crisis. Finally, SIEM suffered from the notion that it generated several false-positive alerts. These alerts can bury legitimate security events and cause burnout.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Recently, SIEM has started to innovate to match the threat landscape. Here\u2019s what changed.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SIEM Now<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">First, the definition of SIEM must separate itself from false positives. While false alerts still exist, solution providers work continually to limit them. Capabilities such as contextualization can help IT teams recognize false positives faster. Automation tools can help reduce the investigation workload and thus prevent burnout. Normalization enables teams to track security events across disparate databases and reporting languages.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Second, many SIEM providers work to make deploying and maintaining their solutions more affordable. Offering managed security services (MSS) provides one option; this helps enterprises with limited IT security teams maintain 24\/7 cybersecurity monitoring.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, another means of reducing the costs of SIEM is to make it lightweight and to offer different pricing options and models. The diversity in the market favors the customer. 
Also, enterprises can reduce costs by taking SIEM deployment slowly. Trying to deploy SIEM too quickly can overwhelm your IT security team and your cybersecurity policy. Reducing costs is therefore a two-way street.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Modern solutions also provide the tools necessary to reduce risks and cyber-attacks. These can include phishing detection, user and entity behavioral analytics to combat insider threats, and ransomware detection.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Perhaps the most important change in the definition of SIEM begins with the data consumed. In the past, traditional SIEM consumed historic log data via predefined rules. This limited its effectiveness. Now, SIEM can consume dynamic log data and user activity data, which more accurately reflect the threat landscape.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>How Might the Definition of SIEM Change?\u00a0<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">We spoke with Avi Chesla of <\/span><a href=\"https:\/\/empow.co\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">empow<\/span><\/a><span style=\"font-weight: 400\"> to learn more about the changing SIEM marketplace. 
In addition, Solutions Review reports on security orchestration, automation, and response (SOAR), which may reveal the future of cybersecurity.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">You can learn more in our <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">SIEM Buyer\u2019s Guide<\/span><\/a><span style=\"font-weight: 400\"> and in our <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/soar-buyers-guide-security-orchestration-automation-and-response\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">SOAR Buyer\u2019s Guide<\/span><\/a><span style=\"font-weight: 400\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Should we move to a new definition of SIEM? What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0 Why do we need to consider a new definition of SIEM? IT decision-makers across the U.S. still don\u2019t think of SIEM as a necessary component of their modern cybersecurity platforms. Previously, SIEM only [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2895,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[353,95,1342,1313,212,82,21,57,22,1092],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Should We Move to a New Definition of SIEM Cybersecurity?<\/title>\n<meta name=\"description\" content=\"Should we move to a new definition of SIEM? 
What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Should We Move to a New Definition of SIEM Cybersecurity?\" \/>\n<meta property=\"og:description\" content=\"Should we move to a new definition of SIEM? What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-06T20:29:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"480\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/\",\"name\":\"Should We Move to a New Definition of SIEM Cybersecurity?\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"datePublished\":\"2020-07-06T20:29:40+00:00\",\"dateModified\":\"2020-07-06T20:29:40+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Should we move to a new definition of SIEM? 
What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"width\":800,\"height\":480,\"caption\":\"More Expert Commentary and Coverage of the GetHealth Exposure\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Should We Move to a New Definition of SIEM?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Should We Move to a New Definition of SIEM Cybersecurity?","description":"Should we move to a new definition of SIEM? 
What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/","og_locale":"en_US","og_type":"article","og_title":"Should We Move to a New Definition of SIEM Cybersecurity?","og_description":"Should we move to a new definition of SIEM? What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2020-07-06T20:29:40+00:00","og_image":[{"width":800,"height":480,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/","name":"Should We Move to a New Definition of SIEM Cybersecurity?","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","datePublished":"2020-07-06T20:29:40+00:00","dateModified":"2020-07-06T20:29:40+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Should we move to a new definition of SIEM? 
What should experts and enterprises consider and discuss in relation to SIEM solutions?\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","width":800,"height":480,"caption":"More Expert Commentary and Coverage of the GetHealth Exposure"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/should-we-move-to-a-new-definition-of-siem\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Should We Move to a New Definition of SIEM?"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. 
You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3062"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=3062"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3062\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2895"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=3062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=3062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=3062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}