This IBM® Redbooks® publication provides information about implementing IBM QRadar® for Security Intelligence and Event Monitoring (SIEM) and protecting an organization's networks through a sophisticated technology, which permits a proactive security posture. It is divided in to the following major sections to facilitate the integration of QRadar with any network architecture:
Chapter 2, "Before the installation" on page 3 provides a review of important requirements before the installation of the product.
Chapter 3, "Installing IBM QRadar V7.3" on page 57 provides step-by-step procedures to guide you through the installation process.
Chapter 4, "After the installation" on page 77 helps you to configure additional features and perform checks after the product is installed.
QRadar is an IBM Security prime product that is designed to be integrated with corporate network devices to keep a real-time monitoring of security events through a centralized console. Through this book, any network or security administrator can understand the product's features and benefits.
The challenges you face as an information security manager (ISM) have increased enormously since the first edition of Once more unto the breach was published.
What seemed exceptional in 2011 is the norm in 2015: vulnerabilities have been experienced across all operating systems, millions of individuals have been affected by data breaches, and countless well-known companies have fallen victim to cyber attacks.
It’s your duty to ensure that your organisation isn’t next.
The ISM’s information security responsibilities now cover all aspects of the organisation and its operations, and relate to the security of information in all forms, locations and transactions across the organisation – and beyond.
Topics covered include:Project managementPhysical securityPassword managementConsumerisation (BYOD)Audit log managementVulnerability managementCloud computingIncident reportingPenetration testingLinking information security with records managementPrivacy impact assessmentsInternal auditing
In this revised edition of Once more unto the breach, Andrea C Simmons uses her extensive experience to provide an important insight into the changing role and responsibilities of the ISM, walking you through a typical ISM’s year and highlighting the challenges and pitfalls of an information security programme.
One of the key failures of security change management is that it is perceived as a project instead of a programme , and is therefore mistakenly assumed to have an end. Once more unto the breachexplains why information security is an ongoing process, using the role of project manager on a programme of change to highlight the various incidents and issues that arise on an almost daily basis – and often go unnoticed.
A major challenge for the ISM is achieving all-important buy-in from their colleagues. Once more unto the breach explains how to express the importance of the tasks you are undertaking in language that executive management will understand. You’ll also discover the importance of having a camera with you at all times.
For too long, security has been seen as more of an inhibitor than an enabler. Once more unto the breach is an invaluable resource that will help you improve this perception, and achieve better overall information protection results as a result.
About the author
Andrea C Simmons is an information governance specialist with extensive experience in the private and public sectors. She has made significant contributions to the development of standards and industry research, and is currently working on a PhD in information assurance. She writes articles and blogs, and presents at conferences, seminars and workshops. Andrea is a member of many professional bodies and has just been awarded Senior Member status by the Information Systems Security Association (ISSA).
Buy this book and understand the latest challenges information security managers face.
After reading this book, you should be able to use these tools to do some testing and even working on penetration projects. You just need to remember not to use these techniques in a production environment without having a formal approval.