There is an imbalance between technical issues and process aspects related to security information and event management (SIEM). This gap is the root cause of some skepticism with and disappointment in SIEM.
Be aware that before implementing SIEM, it is necessary to establish the basis of the information security management system (ISMS), which includes considering the global management commitment, asset inventory and categorization, and risk assessment.
The SIEM process consists of following 5-step cycle:
This SIEM approach is based on the plan-do-check-act (PDCA) cycle. Consider the first step, “SIEM Policy Establishment.” Upper management should demonstrate a commitment to the ISMS, including SIEM, by ensuring the SIEM policy is established and is compatible with the business direction, context and risk approach. Usually, the chief information security officer (CISO) prepares this internal policy and obtains the approval of all stakeholders. This policy should be mapped with existing internal policies, such as defining detailed event lists into standard and baselines for servers and network tools.
My recent Journal article is a case study about mandatory audits in the Netherlands. I am interested in comparing similar events on an international scale. I have already researched sectorwide IT projects to improve government services to citizens. In my opinion, the insights drawn from these comparisons are valuable. One can use these insights to avoid the same difficulties. It can save a lot of time and money if you can learn from insights gained elsewhere.
In the Netherlands, a digital crisis in 2011 resulted in many different types of changes over a short period of time. Some of the changes were mandatory IT audits and changes in the approach to IT audits. It was an important step forward, and as IT auditors, we had to overcome complex challenges.
Interest in IT governance is increasing due to the changing role and relevance of IT within organizations for supporting, sustaining and expanding business. According to the IT Governance Institute, IT governance is the form of leadership, organizational structures and processes that ensure an organization's IT sustains and extends the organization's strategies and objectives. While management’s role in IT governance is imperative, practitioners and academics have also long advocated board involvement in IT governance. However, the literature shows that boards may not be very involved in IT governance. This could be because board members may not have the needed IT expertise to provide direction on important operational and strategic IT-related issues. Boards may also not be very involved because IT does not get put on the board’s agenda or board members simply do not understand their roles regarding IT governance.
Part 1 of my Journal article covered the 4 layers to understand well before designing your visualizations. Those are: know your data, know your message, know your audience and know your options. In part 2, my aim was to cover the science aspect of data visualization, which entails understanding how the brain stores and process visual information.
Cognitive load is essential to understand when designing visuals. There are ways to decrease the load and, therefore, maximize data processing and understanding. Some charts are better than others when trying to convey the greatest number of ideas with the least ink.
Is your business connected to the Internet for any services? Do you shop online or purchase any products or services online? Are you on Facebook, Twitter, LinkedIn or any other social networking web sites? Do you have a high-end mobile phone and use chat applications such as WhatsApp? If so, cybersecurity is an issue about which you should be concerned.
If you think that you could never be a victim of an attack originating on any of these platforms, you should think twice, because cybercriminals are keenly tracking your identities and researching your shopping behavior, watching what you do online and, ultimately, profiling the very devices through which you are connected to cyberspace. Since you are part of the bigger, interconnected network, you are a potential target of a cyberattack.