Security Intelligence Can Deliver Value Beyond Expectations And Needs To Be Prioritized

“Security intelligence” is a term that is commonly used within the information security community, but one that often lacks clarity and definition. Closely aligned with security incident and event management (SIEM), security intelligence is best defined as:
“Security intelligence (SI) is the real-time collection, normalization, and analysis of the data generated by users, applications and infrastructure that impacts the IT security and risk posture of an enterprise. The goal of Security intelligence is to provide actionable and comprehensive insight that reduces risk and operational effort for any size organization.”
First generation security intelligence and SIEM products have promised much to a security industry weighed down by a growing list of responsibilities and held back by stagnant budgets. Having implemented previous “panacea” products, such as intrusion detection (IDS) and intrusion prevention systems (IPS), security and risk professionals know that some of these tools bring burdens that may match or even outweigh their benefits, commonly in the form of considerable resources required to manage the solution. In the current economic environment, additional resources are a luxury only a few can contemplate.