Management and Monitoring Security Events in a Business Organization - SIEM system

Abstract

Business organizations are increasingly facing advanced threats, which have been particularly affected by new circumstances such as remote work. In such circumstances, members of IT security need to have appropriate systems that are ready to respond to this new security threats. In order to successfully manage and monitor security events and incidents, it is necessary to establish a Security Operations Center (SOC) or Security Information and Event Management (SIEM) system. This paper gives an example of monitoring Security Events by Tier 1 and Tier 2 level support in installed SIEM system in a business organization.