In-sourced, Co-sourced or Outsourced: Considerations for a Key Security Event Monitoring and Compliance capability
This paper considers the reasons why fully outsourced security monitoring and compliance solutions from MSSP’s may not provide real benefits to organisations...
Read more >
A UK Blue Chip Energy organisation with global reach had a requirement to deliver security information internally which
would drive better management decisions and help the company achieve its objectives...
Read more >
Products & Services
Security Information Event Management (SIEM) systems work in conjunction with an organisation’s existing IT infrastructure to collect and process details of security and compliance events. These events can range from users attempting to access data for which they are unauthorised through to verifying compliance controls are in-place and reported against.
SIEM enables organisations to identify and react effectively to real attacks, malicious behaviour and policy violations. Crucially, SIEM systems provide the comprehensive auditing and reporting capabilities necessary to support regulatory compliance and are rapidly becoming the cornerstone of the organisation’s security dashboard.
Further, SIEM systems remove the need to monitor multiple vendor specific technologies through different dedicated interfaces, bringing all deployed security systems together under one umbrella.
Below you will find more information on core services.
Z-SIEM is Zepko’s proprietary methodology for ensuring each and every SIEM engagement is a success and is based upon the following simple formula:
There are many different factors to consider in undertaking a SIEM project and each organisation must understand its own specific requirements and objectives. Zepko eases the decision process by offering a comprehensive analysis to determine which system would best fit the business need within the available budget, enabling a fully informed decision to be made.
The chosen solution must fit with the organisations business processes and have the flexibility to adapt in line with business operations while working with, and supporting, existing client technologies. This can only be achieved by fully understanding the current requirements, the potential future requirements and ensuring the system is properly implemented to maximum advantage. Indeed, this is why Zepko takes great care to work with stakeholders and end-users alike as part of any engagement, while establishing clear and transparent work plans and key deliverables.
The Z-SIEM process of choosing the correct system and then ensuring its optimal configuration and installation is crucial if it is to deliver to expectations.
While SIEM technology continues to evolve, growing ever more capable and functionally rich, conventional operational complexities and overheads remain and clients are now requesting increased levels of after-care and system management. In many cases organisations are now tending to outsource the management and system support, allowing them to focus on the information produced.
Z-FLEX has appeal and application across all organisations as it has solution assurance built in. The Z-FLEX service catalogue contains a comprehensive breakdown of monthly service-based offerings, from health-checks through to full system management capabilities. Clients can rest assured that ongoing support is being provided by the team that implemented the solution.
Z-ECM is an evolving set of European compliance best-practice modules; including:
- FSA Handbook – The UK’s Financial Services Authority’s code of practice
- DPA – The Information Commisioner’s Office - Data Protection Act
- GPG-13 – CESG’s Good Practice Guide for protection of HMG’s ICT resources
- Solvency 2 – Financial services based regime for the EU insurance sector
These packages are provided to assist an organisation achieve and declare compliance to the regulatory regimes that are important to them across the European territory and can be delivered and supported across the various SIEM systems already deployed and in use.
Z-ECM is designed to enable organisations to take a proactive approach to their regulatory responsibilities and therefore engender internal best practice to external regimes, while lowering the overall cost of compliance.
For further information on any of the above modules in this section, please contact us.