Skip to content

Security ≠ Compliance

February 28, 2012

There has been a lot of talk in San Francisco this week about Security and Compliance… and whether if you have one you also have the other.

The fact is that security does not equal compliance; nor does compliance ensure that your network is protected against attack.  We believe that it’s not a question of ‘either or’, but understanding that relying solely on traditional SIEM tools makes it incredibly difficult to effectively deliver both.  The problem is that SIEM tools are focused on log and event data – and even so-called ‘SIEM Plus’ tools that do collect other security data points still process and present this distinctly different type of data as “just another event”.

The future – which clearly is a world of increasingly virulent cyber and insider attacks – will require security analysts to report against both corporate security policies and relevant industry compliance mandates, as well demonstrating that they have the necessary systems and processes necessary to report both quickly and accurately.

We believe that the only way to do this through true, unified Situational Awareness.  If you want to see how situational awareness can help your organization demonstrate both security and compliance, you can contact us via email at info@eiQnetworks.com, or via send us a DM on Twitter via @eIQnetworks.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: