Show simple item record

dc.contributor.advisor: Housel, Thomas J.
dc.contributor.advisor: Mun, Johnathan C.
dc.contributor.author: Warnecke, Matthew P.
dc.date: Jun-13
dc.date.accessioned: 2013-08-01T16:52:00Z
dc.date.available: 2013-08-01T16:52:00Z
dc.date.issued: 2013-06
dc.identifier.uri: http://hdl.handle.net/10945/34757
dc.description.abstract: Sophisticated cyber threats represent a significant adversary in the evolving world of the cyber domain. Furthermore, determining whether or not an attack has taken place and the extent of the damage caused requires significant resources. In order to guarantee reliable detection, prevention and mitigation of these advanced threats, the Department of Defense (DoD) must invest in advanced information security technologies that increase the defensive capabilities of its information networks. This thesis focuses on Security Information and Event Management (SIEM) systems as an enabling technology that possesses the advanced security capabilities required to address sophisticated, evolving cyber threats. The research explores the capabilities of this technology in terms of the speed of detection, depth of investigative power, and additional value provided. Additionally, this research attempts to quantify the return on investment that a SIEM solution could provide when deployed in a notional DoD network architecture. Ultimately, the research provided in this thesis endeavors to justify DoD investment in SIEM technology. The focus of this research revolves around a qualitative description of the inherent capabilities of SIEM products and utilizes several Return on Security Investment models in an attempt to quantitatively define the value of these capabilities in a DoD network. [en_US]
dc.description.uri: http://archive.org/details/examiningreturno1094534757
dc.publisher: Monterey, California: Naval Postgraduate School [en_US]
dc.rights: This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. [en_US]
dc.title: Examining the return on investment of a security information and event management solution in a notional Department of Defense network environment [en_US]
dc.type: Thesis [en_US]
dc.contributor.department: Information Sciences (IS)
dc.subject.author: Security Information and Event Management [en_US]
dc.subject.author: Security Event Correlation [en_US]
dc.subject.author: Incident Response [en_US]
dc.subject.author: Return on Investment [en_US]
dc.subject.author: Return on Security Investment [en_US]
dc.subject.author: Return on Security [en_US]
dc.subject.author: Network Intrusion [en_US]
dc.description.service: Lieutenant, United States Navy [en_US]
etd.thesisdegree.name: Master of Science [en_US]
etd.thesisdegree.name: Master of Science in Information Technology Management [en_US]
etd.thesisdegree.level: Masters [en_US]
etd.thesisdegree.discipline: Information Technology Management [en_US]
dc.description.distributionstatement: Approved for public release; distribution is unlimited.

