Question: Is there any pressure to move SIEM to all workstations? Is it cost-prohibitive?
Yes - both from a regulatory perspective and from a good security perspective. Good security is not just preventative and responsive controls; being able to detect when something bad is happening on your network is perhaps the most important area of control today. Determining indicators of compromise (IoCs) on your network, then logging and monitoring those IoCs is how you detect bad things occurring on your network. A SIEM is the best and easiest way to accomplish that goal.
Not all SIEMs are arm-and-a-leg expensive; in fact, there are some solid open-source tools that anyone can research and deploy. There are drawbacks, of course, but those open-source tools are a good start.
Meet Our Expert!
Jon Waldman, CISA, CRISC
As an experienced cybersecurity executive and educator, Jon Waldman has worked for over 15 years to help hundreds of organizations identify and understand cybersecurity risks, allowing them to make better and more informed business decisions. Jon is the Chief People Officer for SBS CyberSecurity, as well as the President of the SBS Institute.
You can ask our security experts your cybersecurity questions and they'll answer in an #askSBS blog post. Submit your questions in one of three ways:
- Submit your question here: https://lnkd.in/efCF7NK
- Use #askSBS in your own post with a question.
- Comment on one of our #askSBS social media posts with your question(s).
We're looking forward to hearing and answering your questions!
Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, Hacker Hours meet monthly to discuss cybersecurity issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.