The SIEM-ple way to spot a data breach as it’s happening

logLast July, the Office of Personnel Management announced it had discovered a huge data breach: The background check records of current, former, and prospective federal employees and contractors were stolen, including 21.5 million Social Security numbers. Like many security breaches, this one could have been averted with the right tools in place.

In its 2012 Data Breach Investigations Report, Verizon found that 84 percent of organizations that suffered a security breach the previous year had evidence of that breach in their logs. Every action your employees — or nefarious outsiders — take generates a kernel of information, which can become evidence of unusual behavior, or a trail of crumbs to follow after an attack to see how it was carried out.

But with so many logs and so much information to sift through, most organizations don’t tap the information these logs contain. Continue Reading…

Tags: , , ,