31 August, 2010

What does SIEM mean to you?

Go ahead - guess. No, don't Google it, cheater. What do YOU think SIEM stands for?

I'll wait.


Give up?


Ok - SIEM stands for Security Information and Event Management. It's how your computer network infrastructure handles electronic threats like hacks, viruses, denial of service attacks, catastrophic failures, etc.

And the question, then, of what SIEM means to you suddenly becomes a lot more important than 4 weird letters strung together.

Most technology pros probably won't know what they stand for either, so don't worry about it if you are one of the millions of business pros who didn't identify it right off the bat. You're not alone. And that's the real problem.

The latest quarterly report I've read from Gartner leaves me with some major eye-openers.

SIEM technology is based on two separate but complementary technologies: SIM (Security Information Management), which deals primarily with log management and compliance reporting, and SEM (Security Event Management), which deals with real-time monitoring and incident management.

According to Gartner, the largest driver of investment in SIEM technology has been in the US, and mostly because of a need to meet compliance requirements for SOX (Sarbanes-Oxley) and PCI (Payment Card Industry) regulations.

In other words, companies are doing it because governments are forcing them into it, not because they recognize the dangers in the marketplace and are trying to protect themselves, their companies, shareholders and clients from the threats at large.

The other point that follows from this is that most investment will then be in SIM technology, not in the SEM or blended SIEM technologies needed to handle these threats successfully.

This is validated by the increased spending on monitoring employee communications and browsing habits.

Sure, that's a valid and worthwhile expenditure, but if you are ignoring the prospect of someone who is not an employee attacking your infrastructure, then you're missing the missile while looking for the package that has more than 3oz of water.

And that, in a nutshell, is why the crooks love to attack companies. They know no one pays any attention to what they're doing because they are too busy keeping themselves distracted with make-work projects and ineffectual pilot projects.

Companies like yours may not know what SIEM stands for; I can assure you the crooks that live and breathe stealing from companies certainly do.

For more information about SIM/SEM/SIEM technology and the Gartner Report go to http://www.ciradar.com/Free-Resources/Free-Analyst-Reports.aspx.
