Effectiveness of Security Incident Event Management (SIEM) System for Cyber Security Situation Awareness
DOI: https://doi.org/10.37506/ijfmt.v14i4.11587
Keywords: SIEM, Security, Cybercrime, IT systems, HNSSAM, Cyber-attack, Network, Technology, Cyber threats, Information.
Abstract
Cyber-attacks have always targeted the information and communication technology systems of various organizations.
Intruders and hackers have within their reach very powerful tools with which they are able to bypass
existing network security and deliver a payload that might have a severe impact on the whole
organization. It has therefore become essential for organizations to develop mechanisms through which
they can detect a possible cyber threat and respond accordingly. By establishing cybersecurity situation
awareness, organizations will understand what is happening and then respond effectively. The present
study evaluated the effectiveness of the Security Incident Event Management (SIEM) system for Cyber
Security Situation Awareness. A Hierarchical Network Security Situation Assessment Model (referred to
as HNSSAM), which joins SIEM system evidence theory fusion rules
with a classified quantitative risk assessment method, was applied. Data processing was initially designed
to collect security data from various sensors. Mechanisms for data verification were then adopted to
establish whether SIEM was effective in successfully detecting any form of cyber-attack. Results show that
SIEM tools may be applied by security analysts to gain visibility into the security threats attacking the IT
systems of an organization and then respond appropriately.
License
https://creativecommons.org/licenses/by-nc/2.0/deed.en