A company has recently undergone an exponential growth to 500 employees.
Everyone works from home and uses a cloud based solution for email and documents.
Needless to say, things are in a bit of a mess and need strightening up.
I was asked if they needed a SIEM.
This sparked many thoughts, before they employ a SIEM - They need to have things in place otherwise money will be wasted and no real value will be gained.
1, Asset management and Data Classification (inc Supplier assessments)
2, Threat Modelling (prioritisation)
3, Risk Assessments
From there they can look at what they would like to ingest and make use of.
I am sure that there are other things to be considered before deciding if a SIEM is appropriate and would appreciate any input.
Thanks in advance
Thanks, that's really good point.