CSA Releases Security Information and Event Management (SIEM) Guidance
New Security-as-a-Service Implementation Report Provide Guidance for Deployment of Cloud-based SIEM
October 29, 2012 –The Cloud Security Alliance (CSA) today released the Security Information and Event Management (SEIM) guidance document – as part of its Security as a Service (SecaaS) Implementation Guidance Series. The new document, prepared by the SecaaS Working Group, provides guidance for best practices on how to evaluate, architect, and deploy cloud-based SIEM services to both enterprise and cloud-based networks, infrastructure and applications.
“The purpose of this research is to define what Security as a Service means to organization and provide guidance on how these new practices should be best implemented,” said Jim Reavis, co-founder and executive director for the CSA. “Bringing event, threat and risk data seamlessly together is the foundation of SIEM, however doing it in a services model presents a variety of new challenges. This new Guidance will go a long way to helping IT security managers, technical architects, and systems manager take a more comprehensive approach to providing SIEM as a service under a Security as a Service model.”
The guidance document addresses the leveraging of cloud-based SIEM services in support of cloud environments, both public and private, hybrid environments, and traditional non-cloud environments. It looks at the requirements, implementation consideration and concerns, and implementation steps as part of the many considerations for SIEM.
“The best practices in this research will serve as a foundation and critical component to deriving real value from SIEM and protecting today’s organizations against a myriad of threats,” said Matt Mosley, a senior strategist with NetIQ. “As organizations look to implement and take advantage of the potential benefits of SIEM-as-a-Service, the CSA’s SIEM guidance document will play a vital role in formalizing and extending best practices as well as providing guidance on the key considerations for implementing hybrid or cloud SIEM.”
The SecaaS Working Group is dedicated to identifying best practices for leveraging security management in a services model. CSA’s SecaaS Working Group is co-chaired by Kevin Fielder, Canada Life (UK) and Cameron Smith, Pertino (USA) and invites motivated individuals to contribute in the expansion of CSA’s Defined Categories of Service research. The SecaaS Working Group will be presenting facets of its Implementation Guidance at the Cloud Security Alliance Congress in Orlando on November 7-8.
About the Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.