Too often overlooked, SIEM (security information event management) needs to be a integral part of any enterprises security best practices. It facilitates a holistic view of an IT landscape and allows a company to be more proactive with its security initiatives.
First and foremost, SIEM (and to a certain extent log management) is about visibility. Who is doing what and when on your network. It is as much about understanding the holistic landscape of your infrastructure as it is protecting proprietary assets. Without it, it’s akin to coaching the Big Game without any idea who is the opponent; or for that matter if you even have a starting left guard.