"The purpose of this research is to define what Security as a Service means to organization and provide guidance on how these new practices should be best implemented," said Jim Reavis, co-founder and executive director for the CSA.
"Bringing event, threat and risk data seamlessly together is the foundation of SIEM, however doing it in a services model presents a variety of new challenges. This new Guidance will go a long way to helping IT security managers, technical architects, and systems manager take a more comprehensive approach to providing SIEM as a service under a Security as a Service model," Reavis added.
The guidance report addresses the leveraging of cloud-based SIEM services in support of cloud environments, both public and private, hybrid environments, and traditional non-cloud environments. It looks at the requirements, implementation consideration and concerns, and implementation steps as part of the many considerations for SIEM.
"The best practices in this research will serve as a foundation and critical component to deriving real value from SIEM and protecting today¹s organizations against a myriad of threats," said Matt Mosley, a senior strategist with NetIQ. "As organizations look to implement and take advantage of the potential benefits of SIEM-as-a-Service, the CSA¹s SIEM guidance report will play a vital role in formalizing and extending best practices as well as providing guidance on the key considerations for implementing hybrid or cloud SIEM."
The SecaaS Working Group is dedicated to identifying best practices for leveraging security management in a services model. CSA's SecaaS Working Group is co-chaired by Kevin Fielder, GE Global (UK) and Cameron Smith, Zscaler (US and invites motivated individuals to contribute in the expansion of CSA¹s Defined Categories of Service research.