SIEM: Shakeup in Event Management - What's Happening in the SIEM market today? - Jason Shockey, Seth Goldhammer - ESW #377

18 snips

Sep 27, 2024

Seth Goldhammer, VP at Greylog, sheds light on the SIEM market's transformation and the challenges it faces. Jason Shockey, founder of MyCyberPath.com, shares his passion for guiding cybersecurity career navigation. They discuss the evolving SIEM landscape, the critical role of situational awareness, and the impact of AI and machine learning. Shockey also emphasizes the importance of lifelong learning and personal attributes in cybersecurity careers. Anecdotes and insights make for a rich conversation on both current trends and future possibilities.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Core Functions of SIEM Today

A SIEM should focus on data collection, processing, normalization, storage, and analytics to prioritize security events.
The fundamental promise of SIEM remains to align human resources on what requires investigation.

ANECDOTE

Early SIEM Tech Struggles

In 2004-2005, an exhaustive SIEM deployment caused overloaded storage and sluggish queries lasting up to eight hours.
This historical challenge highlights how far SIEM technology has evolved in managing large log volumes.

INSIGHT

Contextualizing and Prioritizing Events

Effective SIEM contextualization involves understanding who, what event occurred, and the risk posed by the system's role.
Multiple suspicious activities targeting the same entity signal a more credible threat worthy of attention.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss:

market changes and terminology: security analytics, data lakes, SIEM
what is SOAR's role in the current SIEM market?
machine learning and generative AI's role
strategies for implementing a SIEM
common mistakes that still lead to SIEMs becoming shelfware
and much more!

Both Seth and Adrian have a long history when it comes to SIEMs, so this conversation will be packed with anecdotes, stories, and lessons learned!

This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!

We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities.

Fortunately, we have folks building passion projects like My Cyber Path. When Jason transitioned into cyber from the military, he took note of the path he took. He also noticed how different the path was for many of his peers. Inspired by NIST NICE and other programs designed to help folks get a start in cyber, he created My Cyber Path.

My Cyber Path has a very organized approach. There are 12 paths outlined, which fall into 4 main areas. After taking a personality test, this tool suggests the best paths for you. Hmmm, this sounds a lot like the sorting hat in Harry Potter, and there are 4 "houses" you could get put into... coincidence?

Segment Resources: My Cyber Path has a free account where people can get matched to a cybersecurity work role based on their interests and personality traits and get access to free areas in the platform without having to save a credit card.

In the Enterprise News, the hosts discuss various trends and challenges in the cybersecurity landscape, including the evolution of terminology, funding trends, the emergence of new startups, and the impact of AI on security practices. They also explore the challenges faced by CISOs, the importance of humor in the industry, and the future of quantum readiness. The conversation highlights the need for clarity in cybersecurity messaging and the potential for consolidation in the market.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-377