So you’re getting ready to deploy a security information and event management (SIEM) solution. There are a lot of factors you should consider to avoid potential pitfalls — and these considerations can mean the success or failure of your deployment.
In How to Deploy a Security Information and Event Management Solution Successfully, Gartner analysts Kelly M. Kavanagh, Mitchell Schneider, Toby Bussa, and Gorka Sadowski review important considerations, such as:
- Deploying a SIEM solution effectively is predicated on a clear understanding of the scope, objectives, associated use cases, and the availability of trained personnel, a managed security service provider (MSSP) or a co-managed SIEM service provider.
- Throwing all possible event and data sources at the SIEM solution at once, without considering what the sources are used for, will be setting the SIEM initiative up for failure, and will lead to an unsuccessful deployment.
- A poor architecture choice can have wide-ranging consequences, from insufficient capacity and a lack of redundancy and disaster recovery capabilities to an inability to meet future objectives, while spending too much.
To download this report and discover Gartner’s recommended SIEM implementation stages, please complete the form to the right.