Advertise on ITWeb         Thu, 02 Jul, 22:05:34 PM

SIEM buy-in in the spotlight

By Tracy Burrows, ITWeb contributor.
Johannesburg, 4 Oct 2013

Getting buy-in to SIEM projects requires a business plan with clear alignment to business strategy and measurable ROI, delegates at the Performanta IT Security Forum in Johannesburg yesterday heard. The executive forum, attended by over 100 local CIOs, CISOs and IT security professionals, took an in-depth look at Security Incident and Event Management (SIEM); the challenges in securing business buy-in to SIEM projects; and the way in which they should be rolled out.

In an on-the-spot poll carried out during the forum, 33% of delegates indicated that their businesses and boards of directors were the main beneficiaries of their SEIM implementations, while 34% said the main beneficiaries were the security and CIRT response team. A further 24% said they were the risk and compliance team benefited and 9% said the technical management team.

Shamalan Soobiah, former Standard Bank CIO and member of the panel of IT security experts at the forum, said he believed this figure was aspirational. "This is where we want to be, with the board seeing itself as the main beneficiary of security projects," he said. However, Soobiah and the other expert panellists did not believe that South African businesses had reached this point yet.

Planning and rolling out SIEM projects and securing management buy-in were a primary focus of the forum. Panellist Vernon Fryer, chief technology security officer at Vodacom SA, noted that SIEM business plans had a greater chance of success if they were closely aligned to business strategy. "Business listens to the new style security practitioner who understands strategy," he advised.

On the question of the most important reasons for their choosing technologies for their SIEM projects, 38% of the delegates voted that requirements and integration into the existing landscape is well-defined, 17% said they had the internal skills to implement and run the technology.

The cost-effective technology, a local partner that can deliver, while ease of use and ease of deployment were also cited.

The panellists commented that fit for purpose and cost containment should be key considerations when selecting technologies. "What is most important is if it solves your problem – not where the solution is ranked," Hettie Booysen, the head of operational risk, IT Risk at Standard Bank, noted.

Panellist Lynette Botha, senior manager for information security and compliance at MTN, commented that most projects had a level of 'scope creep' and that technologies and the environment could change rapidly, impacting on the original plan.

Performanta Group CEO Guy Golan believes management and board levels of enterprises are beginning to take information security more seriously, which would help close the long-standing disconnect between information security and business management. The Performanta executive forum, he said, aimed to help IT security specialists to bridge the divide and better align their projects with business strategy.

Hettie Booysen,
head: operational risk,
IT Risk Standard Bank
Lynette Botha, ,
senior manager information
security and compliance, MTN
Vernon Fryer,
chief technology security officer,
Vodacom SA
Shamalan Soobiah,
technology consultant and former
Standard Bank SA CIO


About our panelists
View picture gallery
Click here to listen to the online-audio
Download IT Security Forum 2013 survey

Performanta is proud to be one of the leading information security companies today, not only in South Africa, but also in Africa and Europe. The key to our success and rapid growth is without a doubt attributed to our practical and no-nonsense approach to solution and service delivery. The phrase we will make it work (or happen) is often used amongst ourselves and our customers. We at Performanta understand customer needs and have the unique ability to translate that into a bouquet of services, consulting and technologies that actually works!

Guy GolanNew emphasis on information security
The recent spate of acquisitions in the information security market is an indication that the world's computing giants are seeing the growing importance of IT security, says Performanta Group CEO, Guy Golan.