Dr. Anton A. Chuvakin talks in this podcast about the usability and integration of security information and event management and touches on log management with the added benefit of three industry experts; Michael Leland (NitroSecurity), A.N. Ananth (Prism Microsystems) and Debbie Umbach (RSA, The Security Division of EMC).
AC: “What are your critical success tips for users? How do you increase the chance of SIEM deployment being successful early on and then get to ongoing operational success?”
ML: “The most important thing is to manage expectations and align the necessary resources. Ensure that you have agreement from every department that expects to benefit from a SIEM, and make sure the technical resources they can apply to the planning and implementation phases, as well as what metrics they’re going to use, measure the success. When working with larger organizations and enterprises with de-centralized networking, it’s likely that a SIEM vendor was probably selected having gone through a proof of concept deployment.”