Security staff: Don't book that vacation yet

There are promoters of security event management tools, and then there are skeptics such as META Group Inc. analyst Chris King.

"Potential users' ears prick up when vendors tell them that they can take all of the management problems those users have dealing with masses of security event data and make it just one data management problem," he said. "It's when they say they can do this magic thing called correlation when the conversation starts to go downhill."

The idea is that the tools will correlate information gathered from disparate security devices and search for patterns. Events that appear to be linked can be grouped together and brought to the security manager's attention for possible action.

Easier said than done, according to King. The problem, he said, is that you "can't exactly code for that. You can't put it into software."

A lot of the conversation about security event management tools right now is about correlation, and it's usually along the lines of "my technology is bigger than yours," he said. "Unfortunately, it's a technology without a business value right now."

There are many organizations where event log file consolidation will work fine right now, he believes. And anyway, most organizations don't have the processes in place to handle real-time event management.

"It would take massive and expensive customization for different organizations to get anything meaningful out of these tools," he said. "This is still a very immature space."

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.
