A SIEM Buyer’s Guide for Resource-Constrained State and Local IT Security Teams
Cybersecurity is the number one priority for state and county CIOs, according to GovTech. Yet supporting that priority is a perpetual challenge. Another survey finds that top of the list of workforce needs for state CIOs is cybersecurity talent.
But imagine if there were no cybersecurity workforce drought, and small government IT security shops had the benefit of a robust Security Operations Center (SOC) made up of a geographically distributed team of security analysts. These analysts stay on top of every threat and deploy a governance and policy management program that makes compliance an afterthought.
In reality, that’s the top 1% of security departments. For the remainder, the reality is drastically different. Many state and county security teams consist of one security pro, or a few more. Their time is spent trying to stay on top of security updates, manage a range of point security products, and deal with basic blocking and tackling. There isn’t the time or budget to do much more than that.
Another problem, according to DLT partner SolarWinds, is that security management technology targeted at these smaller shops often comes with huge license costs and advanced functionality that’s designed for large implementations but is seldom used.
Take Security Information and Event Management systems (SIEMs), for example. SIEMs collect, analyze, store and report on security-related events. They’ve promised to give analysts actionable intelligence, situational awareness, and continuous compliance – all those must-have buzzwords. But failed deployments, consultant money-pits, and complaints about “not enough hours in the day to use it” are casting doubt on SIEMs’ ability to fulfil their value promise. SIEMs have always needed skilled professionals to run them, so what options do small state and county security shops have?
Efficient, cost-effective SIEMs that can accommodate any department size or budget are within reach. To help guide you through the process of finding the right one, SolarWinds recommends a six-step approach. Download A SIEM Buyer’s Guide for Resource-Constrained Security Pros to learn more.