IBM Security QRadar

 View Only

SIEM Security: Tools vs. MindSet

By Ralph Belfiore posted Mon January 02, 2023 03:10 PM


What is more important for cyber defense: tools or mindset?

From my point of view SIEM Security starts with an aligned mindset! Of course, the tools are also important, but the right mindset and implementation are crucial. Just imagine a lowered barrier. The idea is good, but if not implemented in the overall context, it becomes ineffective. And then it is simply bypassed :)

Why is the mindset so important?

My experience from many years of SIEM Security projects has shown me again and again, only the right interaction of security awareness and the right tools increases the detection rate of attacks. Cyber Attacks cannot be prevented, they happen all the time. And there are steadily increasing! The selection and, above all, the clever composition of tools is an equally large and important component.

What does it mean to me to be an IBM Champion and part of the IBM Security Community?

This question kept me busy again in Q4 2022. Of course, I feel honored that my active participation in sharing knowledge and experience is well received. That's where my idea came from to focus the topic of SIEM security in a modern, different way and from a different perspective and finally to share the result :)

Tools vs. Mindset

In many discussions with our customers and in the community, I have repeatedly found that there is a misconception that the tools alone would solve our "security problems". I was always amazed why hardly anyone asks what should be changed in order to achieve better attack detection results!?

The result?

We used contemporary media to pack this complex subject into clips. Convince yourself of the final result :)
Clip Tools vs. Mindset