Alex Merck
Senior Analyst,
Duke University
Centralized IT Security Management on a Decentralized Campus
Friday, May 31, 2013 | 9:30AM–10:15AM | Grand Ballroom E
Session Type:
Professional Development
UGA has implemented a central SIEM, which greatly enhances the ability to monitor IT-related security events. The SIEM correlates data from various security devices and finds events that may have been overlooked. By following this centralized model, the central information security office grants departments access to view security events and alerts for their networks, in exchange for the department logging in to the SIEM. This partnership allows departments to monitor their own networks while enhancing network visibility for information security. This session will cover implementing a multitenant SIEM and how that leads to greater awareness and risk management for the institution.
