Combating the rising cybercrime trend with SIEM
by Fabian Libeau - ArcSight - Monday, 30 March 2009.
Given this rather gloomy description, what can be done?

Technologies to address the problems above are fairly mature and provide an automated method for discovering potential “cyber-criminal” activities. Security Information Event Management (SIEM) products were historically focused on analyzing network activities, but recently those same analytical techniques have been applied to monitoring fraudulent activities. The key concepts are the same: collect activity information, evaluate each activity both on its own and in conjunction with others to determine if something seems unusual, and then escalate those events that are worth immediate investigation while filtering out those that are just noise.

If done correctly, SIEM can help detect unauthorized activities, whether on the public e-commerce site or on the internal network, with fewer people and faster response. Modern SIEM products include rules, reports and dashboards tuned to monitor fraudulent activities. One financial services organization implemented such a solution and discovered and prevented $900,000 of wire transfer fraud within the first week of deployment.

Organizations that are considering a SIEM solution should think beyond simple network monitoring; the modern SIEM can do much more.

ArcSight is exhibiting at Infosecurity Europe 2009 held on 28th – 30th April in Earl’s Court, London.


Reactions to the IRS hack that impacted 100,000 people

Cybercriminals were able to successfully steal tax forms full of personal information of more than 100,000 taxpayers through IRS’ Get Transcript application. This data included Social Security information, date of birth and street address.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, May 28th