Family Building Society began by undertaking a holistic review of its IT landscape to understand clearly where the gaps and pain points were in their cybersecurity posture. As part of this review, log retention and log analysis were both identified as priority areas for attention, and topics that were constantly being raised in regular reviews. The Family Building Society also wanted to enable the retention of log data and effective forensic analysis of security and operational events.
At the same time Family Building Society was going through the process of obtaining the Cyber Security Plus accreditation. To align with the requirements of the programme and address the input received from security assessors, having a Security Incident and Event Management (SIEM) system in place was considered a necessity.
Once Family Building Society had decided to implement a SIEM solution, they then needed to decide whether to deploy it in-house or as a managed service. With a long and successful history of providing internal IT services, the Family Building Society decided to bring the SIEM solution in-house. They also had to ensure that they had the necessary resources available to manage the system, the support and documentation to help them through the process, and the freedom to move to a managed service in the future if required.