I am please to announce that I will be presenting at the EDUCAUSE/Internet2 Security Professionals Conference that will be held from April 4 - April 6, 2011 in San Antonio, Texas. I am co-presenting with a colleague from another institution and the topic of our talk will be Peering into the Darkness: Implementing SIEM

The abstract of our talk is included below:

This session will address the value that a successful SIEM implementation can bring to both medium and large institutions by increasing the visibility of system and network operations. 

However, not all news is good: when embarking on a SIEM project, security professionals must also plan for

technical and staffing problems. The challenges of SIEM implementation are multi-faceted, including unintended side-effects, budget, scope, and system diversity.


Specific strategies discussed will include project management techniques and SIEM architecture. Outcomes will be demonstrated that reveal the increased level of visibility for the overall network landscape, leading to dramatic decreases for incident response time.

It has been a while since I made it out to the conference, and I am looking forward to it!