{"id":3510,"date":"2021-08-03T13:40:07","date_gmt":"2021-08-03T17:40:07","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3510"},"modified":"2021-08-03T13:40:07","modified_gmt":"2021-08-03T17:40:07","slug":"best-siem-advice-from-the-first-half-of-2021","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/","title":{"rendered":"Best SIEM Advice from the First Half of 2021"},"content":{"rendered":"

\"Best<\/p>\n

Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0<\/i><\/b><\/p>\n

As part of our ongoing research into the cybersecurity<\/a><\/strong><\/span> market, Solutions Review frequently covers the latest in data breaches, cyber-attacks, and authentication failures. When we do this, we try to accompany the facts with expert advice and perspectives from some of the most recognized voices in cybersecurity<\/strong><\/span><\/a>.\u00a0<\/span><\/p>\n

As a result, we\u2019ve accumulated several relevant pieces of SIEM<\/strong><\/span><\/a> advice from the first half of 2021, generated by attacks and breaches. We decided to curate our favorites into one article. Here they are:\u00a0<\/span><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n

Best SIEM Advice from the First Half of 2021<\/b><\/h2>\n

<\/div><\/h3>\n

Purandar Das<\/b><\/h3>\n

Purandar Das is CEO and Co-Founder of <\/span><\/i>Sotero Software<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

From: <\/span>Expert Commentary of the Washington State Auditor Office Breach<\/b><\/a><\/span><\/p>\n

\u201cData sharing, by organizations, is one of the key areas of vulnerability. This activity is an area that will be targeted more and more by hackers. Organizations have relied on \u201csecure data transfer\u201d, meaning the data is protected in transmission, as being sufficient. This is no longer true. Even if the data is secure during transmission the underlying data is in cleartext. True and complete data protection has to be built from the ground up. Regardless that the data is being transmitted over a secure channel, data security must start at the source. Meaning the data should be protected (encrypted) all the time, even in use. This is a huge part of protecting data and information.<\/span><\/p>\n

Credit card companies discovered this a long time ago. Hence the reason why credit card information is never transmitted to the retailer. The card companies encrypt it and don\u2019t transmit or share the information. Unfortunately, the same mechanism does not work for everyone. The transmitted data needs to be available for use and analysis. Adopting newer technologies that enable the use of encrypted data by the proper parties coupled with multi-party key ownership for authentication is one way to eliminate data loss during transmission.\u201d<\/span><\/p>\n

<\/div><\/h3>\n

Chris Clements<\/b><\/h3>\n

Chris Clements is VP of Solutions Architecture at <\/span><\/i>Cerberus Sentinel<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

From: <\/span>Key Lessons from the Malaysia Airlines Nine-Year Data Breach<\/b><\/a><\/span><\/p>\n

\u201cOne of the worst aspects of \u2018supply chain\u2019 attack compromises is that it can be even harder to detect than a direct breach of an organization.\u00a0 Now more than ever businesses need to fully vet and actively manage vendors who may be able to access sensitive systems or data.\u00a0 A strong vendor management program can go a long way to preventing exposure by requiring third parties that interact with a business\u2019s data or systems follow information security best practices and can demonstrate due diligence by adhering to well-known security standards such as NIST or ISO and also perform regular security testing to ensure that no mistakes that could lead to exposures have fallen through the cracks.\u201d<\/span><\/p>\n

<\/div><\/h3>\n

Rajiv Pimplaskar<\/b><\/h3>\n

Rajiv Pimplaskar is Vice President of <\/span><\/i>Veridium<\/span><\/i><\/a>.\u00a0<\/span><\/i><\/p>\n

From: <\/span>Expert Commentary on the Geico Data Breach Disclosure<\/b><\/a><\/span><\/p>\n

\u201cThe customer data theft from Geico is a stark reminder of security bugs and vulnerabilities with typical websites.\u00a0 According to Verizon\u2019s Data Breach Investigations Report, approximately 81% of data breaches occur due to poor passwords or compromised credentials.\u00a0 Traditional Two-factor Authentication (2FA) is also vulnerable to \u201cman-in-the-middle\u201d or MITM attacks. Companies can and should embrace passwordless methods like \u201cphone as a token\u201d or FIDO2 to improve security and reduce dependence on passwords. Also, an added benefit is that such technologies are easier to use which improves the overall user experience.\u201d<\/span><\/p>\n

<\/div><\/h3>\n

Saryu Nayyar<\/b><\/h3>\n

Saryu Nayyar (she\/her) is CEO of <\/span><\/i>Gurucul<\/span><\/i><\/a>.<\/span><\/i><\/p>\n

From: <\/span>Expert Commentary on the Geico Data Breach Disclosure<\/b><\/a><\/span><\/p>\n

\u201cThis is infuriating. Geico is essentially skirting blame for this breach, and worse \u2013 making the victims take responsibility for protecting their driver\u2019s license number from being used to fraudulently apply for unemployment benefits. In the notice of breach letter, Geico states, \u201cfraudsters used information about you \u2013 which they acquired elsewhere\u2026\u201d What information exactly and from where? Geico either doesn\u2019t know or won\u2019t say. In response, they are offering 1 year of free identity-theft protection, but that doesn\u2019t address the unemployment benefits fraud that they admit is the imminent threat. Geico customers must monitor state unemployment communications and contact the agency if they experience a problem. Do you know how hard it is to contact any US state unemployment agency during a pandemic? It\u2019s a nightmare and overwhelmingly time-consuming. There are better ways to protect customers from fraud. Security analytics can detect and stop fraudsters before they drive off with your PII.\u201d<\/span><\/p>\n

<\/div><\/h3>\n

Tim Wade<\/b><\/h3>\n

Tim Wade is Technical Director, CTO Team at <\/span><\/i>Vectra<\/span><\/i><\/a>.\u00a0<\/span><\/i><\/p>\n

From: <\/span>Wegmans Notifies Customers of Data Leak<\/b><\/a><\/span><\/p>\n

\u201cThe ability to detect and respond in real-time is an essential part of modern security.\u00a0 Misconfiguration issues don\u2019t seem to be going away any time soon, which means customers that rely on everything being 100 perfect correct will be sorely disappointed when reality strikes.\u00a0 There needs to be a holistic approach to security \u2013 yes, minimizing misconfiguration and hardening services is part of that holistic approach \u2013 but until organizations have a plan to identify the breach in real-time, this type of activity will continue.\u201d<\/span><\/p>\n

<\/div>\n

Thanks again to these experts for their time and expertise. For more on cybersecurity advice and market information, check out the SIEM<\/a>, SOAR, or MDR Buyer\u2019s Guide.<\/span><\/p>\n


Widget not in any sidebars
<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0 As part of our ongoing research into the cybersecurity market, Solutions Review frequently covers the latest in data breaches, cyber-attacks, and authentication failures. When we do this, we try to accompany the facts with expert advice and perspectives from some of the […]<\/p>\n","protected":false},"author":41,"featured_media":2895,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[353,1288,95,827,112,86,21,57,22,1624,1596,1560],"acf":[],"yoast_head":"\nSolutions Review: Best SIEM Advice from the First Half of 2021<\/title>\n<meta name=\"description\" content=\"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Solutions Review: Best SIEM Advice from the First Half of 2021\" \/>\n<meta property=\"og:description\" content=\"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-03T17:40:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"480\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/\",\"name\":\"Solutions Review: Best SIEM Advice from the First Half of 2021\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"datePublished\":\"2021-08-03T17:40:07+00:00\",\"dateModified\":\"2021-08-03T17:40:07+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg\",\"width\":800,\"height\":480,\"caption\":\"More Expert Commentary and Coverage of the GetHealth Exposure\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Best SIEM Advice from the First Half of 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Solutions Review: Best SIEM Advice from the First Half of 2021","description":"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/","og_locale":"en_US","og_type":"article","og_title":"Solutions Review: Best SIEM Advice from the First Half of 2021","og_description":"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2021-08-03T17:40:07+00:00","og_image":[{"width":800,"height":480,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/","name":"Solutions Review: Best SIEM Advice from the First Half of 2021","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","datePublished":"2021-08-03T17:40:07+00:00","dateModified":"2021-08-03T17:40:07+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Solutions Review compiles the best SIEM advice from the first half of 2021.\u00a0Find out what the worst breaches can teach businesses.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2020\/01\/SOAR-Automation.jpg","width":800,"height":480,"caption":"More Expert Commentary and Coverage of the GetHealth Exposure"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/best-siem-advice-from-the-first-half-of-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Best SIEM Advice from the First Half of 2021"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3510"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=3510"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3510\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2895"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=3510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=3510"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=3510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}