Moving SIEM to the Cloud
Employing Security Information and Event Management
SIEM - security information and event management - is moving to the cloud, and the Cloud Security Alliance has issued a new document that provides guidance for best practices on how to evaluate, architect and deploy cloud-based SIEM services to enterprise and cloud-based networks, infrastructure and applications.
Laundrup, who chaired the alliance's working group that wrote the SIEM guidance, characterizes cloud-based SIEM as version 2.0.
"With SIEM 1.0, we found that we were collecting way more data than we knew what to do with; we buried ourselves with data," Laundrup says in an interview with Information Security Media Group. "The more we collected, the less smart we were about it. There is a need in the world of security information and event management to have a fundamental shift in thinking, from collecting more data to finding out what the right data is, and learning how to analyze it and make predictions on the data.
"There was a gentleman, Mr. Silver; he did an outstanding job during the election in predicting the presidential winner and he did it through very careful analysis of data that was available."
In the interview, Laundrup:
- Defines Security as a Service, or SecaaS, and its SIEM component;
- Discusses security concerns surrounding cloud-based security offerings;
- Explains how organizations should vet SecaaS and cloud-based SIEM providers.
Laundrup, a security architect, is a principal consultant for the IT security consultancy Emagined Security. He has more than 25 years of experience in the security field, including 22 years of expertise in military cryptography, communications, governance and executive leadership. He has specialized in the implementation of security program management, enterprise IT management, IT governance, private key infrastructure management, encryption systems management and disaster-recovery and business-continuity planning and execution.
The University of Maryland awarded Laundrup a master of science degree in information technology with an emphasis in information assurance. He also is a Certified Security Professional and Holistic Information Security Professional.