If you are getting ready to deploy a security information and event management (SIEM) solution there are a lot of factors you should consider to avoid potential pitfalls. These considerations could mean the difference the success or failure of your deployment.
In this report “How to Deploy a Security Information and Event Management Solution Successfully”, Gartner analysts Kelly M. Kavanagh, Mitchell Schneider, Toby Bussa, and Gorka Sadowski review important considerations, such as:
- Deploying a SIEM solution effectively is predicated on a clear understanding of the scope, objectives, associated use cases, and the availability of trained personnel, a managed security service provider (MSSP) or a co-managed SIEM service provider.
- Throwing all possible event and data sources at the SIEM solution at once, without considering what the sources are used for, will be setting the SIEM initiative up for failure, and will lead to an unsuccessful deployment.
- A poor architecture choice can have wide-ranging consequences, from insufficient capacity and a lack of redundancy and disaster recovery capabilities to an inability to meet future objectives, while spending too much.
Download report now.