Why is SIEM an area of unease for so many security officers?
To make detection and response successful, we need tools capable of upscaling the practitioners as well as equipping them to be successful. We need tools we can rely on.
In today's episode, we had an inspiring conversation with J Wolfgang Goerlich, Advisory CISO at Cisco Secure. We discussed how trust is a determinant factor in building the security tools of the future, why so many CISOs lost trust over SIEMs and what we can do to rebuild it.
Topics discussed in this episode:
- Wolf's role as advisory CISO.
- How we can use technology to solve business problems
- How CISOs perceive SIEMs today and security monitoring as a practice
- The investigative side versus the detection side of SIEMs
- How the detection personas have changed with the movement to the cloud
- Challenges of doing detection in the modern day
- The story of when Wolf worked in an open source project
- How Wolf advises CISOs on making a build versus buy decision
- How detection and response will evolve in the coming years
- 3 pieces of actionable advice to succeed with building effective detection programs at scale