TY  - JOUR
AB  - Purpose– Security information management (SIM) has emerged recently as a strong need to ensure the ongoing security of information systems. However, deploying a SIM and the associated sensors is a challenge in any organization, as the complexity and cost of such a project are difficult to bear. This paper aims to present an architecture for outsourcing a SIM platform, and discuss the issues associated with the deployment of such an environment.Design/methodology/approach– The paper is an overview of the typical SIM and a possible architecture for its outsourcing.Findings– The paper explains that the day‐to‐day operation of a SIM is beyond the financial capabilities of all but the largest organizations, as the SIM must be monitored constantly to ensure timely reaction to alerts. Many managed security services providers (MSSP), therefore, propose outsourcing the alert management activities. Sensors are deployed within the customer's infrastructure, and the alerts are sent to the outsourced SIM along with additional log information.Originality/value– The paper illustrates that intrusion detection and SIM as two important and active research domains for information systems security.
VL  - 14
IS  - 5
SN  - 0968-5227
DO  - 10.1108/09685220610707430
UR  - https://doi.org/10.1108/09685220610707430
AU  - Debar Hervé
AU  - Viinikka Jouni
ED  - Sokratis K. Katsikas
ED  - Stefanos Gritzalis
PY  - 2006
Y1  - 2006/01/01
TI  - Security information management as an outsourced service
T2  - Information Management & Computer Security
PB  - Emerald Group Publishing Limited
SP  - 417
EP  - 435
Y2  - 2024/04/24
ER  -