Tammy Torbert, world wide solutions architect of federal at Hewlett Packard Enterprise (NYSE: HPE), has said government agencies should implement next-generation security incident and event management platforms that work to facilitate cyber threat monitoring and analysis amid growth in data stores.
Torbert wrote that SIEM is a suite of services designed to help agencies monitor and correlate security incidents as well as report and store log data.
“SIEM combines security information management and security event management to analyze security alerts generated by network hardware and applications, ” she added.
Torbert noted that she predicts new SIEM tools will incorporate new information collection and contextual data analysis functions as well as introduce new algorithms built to analyze real-time and historical data and monitor cloud environments.
Next generation SIEM platforms are expected to feature new analytics techniques that work to help administrators of security operations centers investigate behavioral patterns across datasets in order to detect cyber threats, she said.
“Building the next generation SOC will depend on how well agencies use next generation SIEM, ” Torbert noted.
“It also depends greatly on how well it’s executed by individual analysts, ” she added.