Security Information Event Management Systems
Security information event management systems pull in log and event data and correlate the information to identify suspicious activity. If a retailer were feeding all of its systems into a SIEM and had it configured properly with customized rules, the system could detect suspicious activity and alert someone on the IT team to investigate. A credit card breach could be detected and contained faster, solution providers said. PCI-DSS requires large merchants to conduct a daily review of logs. Many merchants are overburdened and not looking closely enough to uncover suspicious activity, said Brian DiPaolo, director of the assessment and compliance practice at Houston-based Accudata System. Struggling merchants are increasingly turning to managed security services providers to proactively cull through logs, DiPaolo said.