What does SIEM REALLY stand for?
SIEM. Right… Many suspect it stands for Security Information and Event Management. The origins of this watchdog are shrouded in mystery. I happen to think it may stand for Stalking Info Every Moment, or maybe Sneakily Invading Everyone’s Mojo, or perhaps Skulking Into your Every Move. Or Shadowing Individuals Every Minute. Hey, all are true. That is what SIEM does – and it has to. We need to know where and how we are getting hacked and the paths that this insidious intrusion takes to get at us. There’s actually a real war going on out there!
A big tenet of cyber security is IPDRR.
IPDRR stands for Identify, Protect, Detect, Respond, Recover. These are the five functions of the NIST Cybersecurity Framework, which is a set of guidelines for mitigating organizational cybersecurity risks. Together, the IPDRR functions help organizations to:
- Identify cybersecurity risks to their systems, people, assets, data, and capabilities.
- Protect their systems and assets from known and unknown threats.
- Detect cybersecurity incidents as early as possible.
- Respond to cybersecurity incidents in a timely and effective manner.
- Recover from cybersecurity incidents as quickly as possible.
The IPDRR functions are essential for any organization that wants to protect itself from cyberattacks. By following the IPDRR guidelines, organizations can reduce their risk of being hacked and minimize the impact of any incidents that do occur.
Here are some of the specific activities that are included in the IPDRR functions:
- Identifying assets and vulnerabilities: This involves identifying all of the organization’s assets, both physical and digital, and assessing their vulnerabilities to cyberattacks.
- Implementing controls: This involves implementing security controls to protect the organization’s assets from known and unknown threats.
- Monitoring for threats: This involves monitoring the organization’s systems and networks for signs of suspicious activity.
- Responding to incidents: This involves responding to cybersecurity incidents in a timely and effective manner.
- Recovering from incidents: This involves recovering from cybersecurity incidents as quickly as possible.
IPDRR is a continuous process that should be updated as the organization’s risk profile changes. By following the IPDRR guidelines, organizations can improve their cybersecurity posture and reduce their risk of being hacked.
IPDRR stands for Identify, Protect, Detect, Respond, Recover. It’s a cybersecurity framework that helps organizations to not get pwned.
- Identify the assets you have that might be pwned.
- Protect those assets from being pwned.
- Detect if your assets have been pwned.
- Respond to being pwned in a timely and effective manner.
- Recover from being pwned as quickly as possible.
If you don’t follow the IPDRR framework, you might get pwned. And if you get pwned, you might lose all of your data. So it’s important to follow the IPDRR framework to not get pwned.
P.S. If you don’t know what “pwned” means, it means “hacked”. So I guess you could say that IPDRR is a framework for not getting hacked.
Monitoring for Threats:
SIEM is a huge piece of that. We deploy it internally since, as an MSP, we are squarely targeted by the enemy. If we get hacked, then many (our clients) are hacked – not good. As a result, we deploy an array of defensive weapons to protect ourselves and in turn, our clients.
SIEM is a big one that looks at EVERYTHING going on in your endpoints (phone/laptop/tablet), your network infrastructure (servers, firewall, switches, WiFi, etc.) and the cloud you access (hosted apps, Microsoft 365, Dynamics 365, ERP, CRM, etc.).
Contact Beringer Today!
Partner with us to ensure your organization’s devices are always secure and compliant with ever-changing security standards. Reach out to Beringer Technology Group today. We can help evaluate your current cybersecurity posture with our Cyber Security Risk Assessment Solution, and implement the right security solutions for your organization.
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution, also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.