Q&A: Security Information and Event Management

Though a relatively new idea, Security Information and Event Management (SIEM) has evolved to become an important tool used on networks to centralize the storage of logged events. SIEM works a little like this: computer networks generate events that are kept in event logs.

These logs are, more or less, a list of activities that occurred on the networked computers. SIEM is software that organizes and stores these records.

SIEMs are often used to help satisfy U.S. regulatory requirements such as Sarbanes-Oxley and PCI-DSS. Wanting to know more about SIEM, I contacted Alison Andrews, CEO of Vigilant LLC.

Can you further explain SIEM for those who are unfamiliar?

Alison Andrews: SIEM stands for Security Information and Event Management. These products centralize log information and other security data, and correlate information from multiple sources in real time. When well-implemented, this enables centralization of many security management functions through a single console, makes incident response and forensics much more efficient, and delivers comprehensive reporting for audit and other purposes.

The most flexible SIEM products also enable integration of business context data for fraud detection, loss prevention, and monitoring of other transactional events that are critical to business risk management.

What should a company expect from SIEM?

Andrews: SIEM buyers should expect to achieve measurable efficiencies in daily security operations, and greater business-oriented security intelligence. By reducing the number of analysts needed to respond to security alerts, headcount can be reassigned to more proactive functions. A solid SIEM implementation should generate reports and dashboards for role-based visibility into the state of the entire enterprise from a security perspective.

This visibility should certainly be designed to support real-time monitoring workflow. But it should also support business decision-making by IT managers and executives concerned with overall IT and business risk – the people who make budget decisions, and need assurance that critical assets are protected and that security, overall, is improving over time.

What are the best management processes for SIEM?

Andrews: First, it’s very important to deploy methodically, and in phases. Second, you need clearly defined roles for how the SIEM filters, correlation rules, and other components will be refined and updated over time. Third, companies that are most successful with SIEM have high-level executive sponsorship and see it as a tool that serves more than the immediate needs of IT security teams.

Over time, a mature SIEM deployment can provide increasingly sophisticated functions across the whole IT organization, and can directly support the risk management needs of many departments and business units.

What are the risks associated with SIEM?

Andrews: A haphazard process of deploying SIEM, without regard for the specific information you need to see, causes many problems. You can end up collecting more data than is reasonable to store, or bog down system performance. Worst case, without the right configurations, you can end up falsely assuming that the environment is more secure than it really is, leaving you open to preventable security incidents and audit deficiencies.

Are there risks that require custom management?

Andrews: SIEM is a powerful tool, but you can’t rely only on what comes out of the box. Every SIEM requires at least some measure of customization, and will return value proportionate to what you put into it. These days, no one can afford cost-consuming products that can’t be justified. So in making a SIEM investment you need to consider not only the cost of the product and initial installation, but how you will develop it over time.

The good news is that as the SIEM market has matured, the products provide more out-of-the-box value than ever before, and there are well-established options and best practices for making optimal use of the technology that can fit various budget levels, whether you decide to do it in-house or get outside help.

Cyberattacks, Terrorism Are Top Threats for UK

According to the United Kingdom’s recently unveiled national security strategy, cyberattacks and terrorism present the gravest threats to the country. Overall, the report identifies 15 “priority risks” — four of which are considered “tier 1” threats.

Tier One:
• International terrorism affecting the UK or its interests, including a chemical, biological, radiological or nuclear attack by terrorists; and/or a significant increase in the levels of terrorism relating to Northern Ireland.
• Hostile attacks upon UK cyber space by other states and large scale cyber crime.
• A major accident or natural hazard which requires a national response, such as severe coastal flooding affecting three or more regions of the UK, or an influenza pandemic.
• An international military crisis between states, drawing in the UK, and its allies as well as other states and non-state actors.

Obviously, these are all very difficult perils to protect citizens, infrastructure and the economy against. And unfortunately, these emerging threats are growing at a time when Britain is least prepared to confront them given the national priority now assigned to “austerity measures” designed to cut spending.

The defense budget, for instance, is set to be trimmed by 8% over the next four years, leaving one Member of Parliament wondering how the country can revamp its strategy to keep citizens safe.

Conservative MP Bernard Jenkin, who is chairman of the Commons Public Administration Committee, said it was difficult to see how an effective National Security Strategy could be developed against the backdrop of cuts.

“We seem to be operating under the imperative of deficit reduction,” he said. “But, there’s very little in what’s being done now that reflects deep and sustained analysis about what sort of country we want to be in 10 or 20 years’ time.”

The Obama administration has also been highly critical of Prime Minister David Cameron’s defense spending cuts. Even the national security strategy itself admits that the country has a “security structure that is woefully unsuitable” for the modern threats it faces — a failing that is squarely blamed on the previous ruling officials.

The last Government took little account of this fact. Twelve years elapsed while the world changed almost beyond recognition. Abroad, our forces were sent into action without the equipment they needed, and on the basis of lamentable planning, and in more simultaneous conflicts than the Defence Review in 1998 had planned for.

At home, the machinery of Government failed to adapt to the new circumstances – lacking both the urgency and the integration needed to cope with the new situation. As a Government, we have inherited a defence and security structure that is woefully unsuitable for the world we live in today. We are determined to learn from those mistakes, and make the changes needed.

In an age of uncertainty, we need to be able to act quickly and effectively to address new and evolving threats to our security. That means having access to the best possible advice, and crucially, the right people around the table when decisions are made. It means considering national security issues in the round, recognising that when it comes to national security, foreign and domestic policy are not separate issues, but two halves of one picture.

To address this concern — at least somewhat — the government announced that it will provide an extra £500 million for cybersecurity that will be “focused on protecting key infrastructure and defence assets.”

We will see if that is enough to do the job — which also includes the below security challenges that the government has identified as “tier two” and “tier three” risks.

Tier Two Risks:

• An attack on the UK or its Overseas Territories by another state or proxy using chemical, biological, radiological or nuclear (CBRN) weapons.

• Risk of major instability, insurgency or civil war overseas which creates an environment that terrorists can exploit to threaten the UK.

• A significant increase in the level of organised crime affecting the UK.

• Severe disruption to information received, transmitted or collected by satellites, possibly as the result of a deliberate attack by another state.

Tier Three Risks:

• A large scale conventional military attack on the UK by another state (not involving the use of CBRN weapons) resulting in fatalities and damage to infrastructure within the UK.

• A significant increase in the level of terrorists, organised criminals, illegal immigrants and illicit goods trying to cross the UK border to enter the UK.

• Disruption to oil or gas supplies to the UK, or price instability, as a result of war, accident, major political upheaval or deliberate manipulation of supply by producers.

• A major release of radioactive material from a civil nuclear site within the UK which affects one or more regions.

• A conventional attack by a state on another NATO or EU member to which the UK would have to respond.

• An attack on a UK overseas territory as the result of a sovereignty dispute or a wider regional conflict.

• Short to medium term disruption to international supplies of resources (e.g. food, minerals) essential to the UK.

Workers Comp Turns 100

2010 marks the 100th anniversary of workers compensation. That’s right — that little program that ensures that a worker will be paid if he or she is injured on the job now officially dates back a century.

These days, everyone is familiar with workers comp and we may even take it for granted sometimes.

Nancy Hamlet, senior vice president of Healthcare Solutions, wrote a feature for the November issue of Risk Management magazine (available online November 1st) that explores the long history and evolving future of workers comp. She notes that the first statewide workers comp law was adopted in Wisconsin in 1911, but “scholars have found evidence that the concept of formalizing payments to injured workers existed as early as 2050 BCE.” Hamlet added:

The early Greeks, Romans, Arabs and Chinese all had compensation schedules for certain losses as well. For example, an Arab who lost a finger received more than someone who lost a thumb; the value of a lost ear was calculated based on its surface area.

Workers comp has (thankfully) evolved into a system that delivers value to both employers and employees by striving for fair compensation for workplace injuries. Workers comp systems vary from state to state, however. The Insurance Information Institute (III) has penned a lengthy article on the current state of workers comp in America (available online). The article examines some recent state activities, including:

Oklahoma: In an effort to make the state more attractive to new business, Oklahoma legislators passed a number of workers compensation bills in May, including HB 2652, which would modify the workers compensation court, effective November 2010. Oklahoma is one of a handful of states where the courts administer the workers compensation system.

Among other things, it will reduce the number of judges on the court, require them to have at least five years of workers compensation experience prior to appointment and require Senate confirmation for new judges appointed by the Governor to fill vacancies.

In addition, it would extend their terms from six to eight years.

Texas: A pilot return-to-work program, adopted as part of comprehensive workers compensation reforms that took place in 2005, has now been made permanent. The program, which was designed to promote early and sustained return to the workplace after a work-related injury, reimburses an employer with less than 50 employees for expenses incurred in making workplace modifications so that the injured employee can return to work. Maximum reimbursements, which under the pilot program were $2,500, have been raised to $5,000. Insurers are required to inform policyholders of the existence of the program.

New York: In accordance with the provisions of the 2007 workers compensation reform bill, employers who establish a safety incentive program, a return-to-work program and a drug and alcohol prevention program will be eligible to receive premium credits. Employers setting up safety programs that conform to the regulations issued by the Commissioner of Labor or a return-to-work program will receive a 4% credit in the first full year and a 2% credit each consecutive year. Drug and alcohol prevention programs are eligible for 2% premium credits.

Florida: In May 2009 lawmakers passed HB 903 in response to a state Supreme Court decision that reinstated hourly attorneys’ fees. Hourly fees had been the largest cost driver in the state’s workers compensation system. Under the new law, attorney fees in workers compensation cases will now return to the sliding scale set out in reform legislation passed in 2003. As a result, the 6.4% workers compensation rate increase imposed in April after the ruling was rescinded, and the 18.6% rate decrease that would have taken effect before the ruling was reinstated in July 2009. Rates declined again effective July 2010, the eighth consecutive drop, bringing the overall rate decrease since the reforms were passed to 64.7%, according to the insurance commissioner.

California: The Workers Compensation Insurance Rating Bureau is calling for a 29.6% rate increase to take effect in January 2011. A hearing will be held at the end of September. The insurance commissioner rejected the last request for an increase. The bureau’s recommendations are advisory only. The bureau noted that even with the proposed increase, rates would still be 53% lower than those in effect on July 1, 2003, the year reforms were adopted that have stabilized the system.

Hamlet notices a few more trends, which she includes in her article on the topic. Those are the upward pressure on medical care costs* due to the increasing obesity of Americans and an aging workforce; the growing digitization of medical care records, which will speed the review process and help the injured worker return to work faster; and the impact of personalized prescription drugs.

*The III notes that spending on medical care for workers comp claims climbed a cumulative 200% between 1993 and 2007.

China Plays Hardball With Rare Earth Exports

Rare earth metals are used in the manufacture of many items such as electric cars, computer screens, wind turbines and cell phones, just to name a few. Needless to say, rare earth metals are much-needed and in almost constant high demand. And when businesses need rare earth metals, there’s one country they turn to: China.

China produces 97% of rare earth metals, much of which is exported to Japan. But recent reports claim that shipments of the metallic element to Japan were halted. There are a few theories as to why.

The halting of shipments came, coincidentally (or not), after Japan arrested a Chinese fishing boat captain “whose trawler collided with two Japanese patrol boats off disputed islands in the East China sea.” Now, Japan is accusing China of using the metals, and its near-monopoly on them, as a “bargaining chip.” A claim China denies:

Speaking to a China-European Union business summit in Brussels, [China’s Premier] Wen [Jiabao] echoed other Chinese officials in denying Beijing had ordered traders to hold back rare earth shipments to Japan due to a recent flare-up in tensions, the newspaper China Daily reported Friday.

China claims they cut back (denying they halted shipments) because demand for the metals is exceeding supply (a claim that has received much attention lately). In either case, the Japanese are very concerned that cutbacks in exports will hurt their tech-heavy manufacturing businesses. A valid concern indeed.