SIEM and Cybersecurity Challenges

The first Peer Challenge Case discussed an organization that was currently reviewing their use of a SIEM that charges on a pay-per-data model due to its expense since filtering ingested data has created gaps for them.

The group discussed, the considerations and alternatives to a SIEM with a pay-per-data model. They explored alternatives such as Microsoft Sentinel, Devo, Humio, and Google Chronicle in an effort to find a more robust logging and monitoring tool that can handle larger amounts of data.

For the second Peer Challenge Case, the group discussed an organization with several cybersecurity challenges including software flaws in upstream open-source code, machine learning and AI attacks, and BYOD policies.

The group discussed the significance of security policies for companies, as most cyberthreat cases start from the human and end-user. They suggested drafting a top 10 list of security policy wishes and interviewing employees to design the policy together.

The discussion also covered various ideas for cybersecurity risk management, including developing a risk committee team with a member from the legal department, having an open-source steering committee, and using a virtual desktop infrastructure for a BYOD strategy.

Petri Kuivala introduced a past case involving a nation state called Panda, which was related to a larger M&A case between two large companies. He shared the hacking timeline and a high-level overview of how the company was hacked. He invited members to participate in Cyberthreat Case Study Deep Dive where he will share the following:

     *How to be prepared when the “s” hits the fan

     *How to be the successful CISO at the time of the storm

     *The most important things to do to prevent it in the first place

The Cyberthreat Case Study Deep Dive is Thursday, December 7, 2023 @ 1:00PM Estern. Reserve your spot here.

The next cohort is scheduled for Tuesday, November 21, 2023 at 1PM Eastern. Reserve your spot here.a