Where Does SIEM Fit in an Enterprise?

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

Philip Quade spent 34 years working at the National Security Agency (NSA) in a variety of roles, where he learned what it takes to define and implement cyber security tactics and strategy. Since January 2017, Quade has been the Chief Information Security Officer (CISO) at Fortinet, helping to secure infrastructure both for Fortinet and its customers.

In a video interview, Quade outlines his role at Fortinet and how different technologies integrate, including SIEM (security information and event management).

"Fortinet has a wide range of products, and with range you are able to mitigate at the time and place of your choosing, rather than at your points of weakness," Quade said.

Fortinet's product portfolio includes network security appliances, such as its FortiGate next generation firewall platform, FortiCASB cloud access security broker, endpoint and email security technologies. Among the product areas that Fortinet has been focusing on in 2018 is its FortiSIEM platform, which helps to provide visibility into network operations and security threats.

Combining all of Fortinet's products together is the company's security fabric approach, which allows products to integrate and interoperate to enable a collaborative defense.

The role of the SIEM system

For some organizations, the SIEM is the "source of truth" and the center for Security Operations Center (SOC) teams. Quade said that while SIEM plays an important role for visibility, he also sees a need for segmentation at the core of security strategy.

Quade said that 10 years ago, boundary defense was king and organizations put a virtual and physical boundary in place and then defended that boundary. With the boundary now going away with cloud and wireless adoption, security strategy is all about segmentation.

"You could also argue that you should start your cybersecurity architecture with a really robust SIEM so you can understand what's on your network, cause you can't defend what you can't see," Quade said.

Watch the full video with Fortinet CISO Philip Quade below:

Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.

Submit a Comment

Loading Comments...