A Security Information and Event Management (SIEM) Implementation for Small Businesses
Azam, Bilal (2025)
All rights reserved. This publication is copyrighted. You may download, display and print it for your own personal use. Commercial use is prohibited.
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-2025061022088
Abstract
Cybersecurity threats are a growing concern for small businesses, which often lack the resources for effective protection. Security Information and Event Management (SIEM) systems provide critical threat detection but are typically designed for large enterprises, making them too costly and complex for small organizations. This research addresses the need for a cost-effective SIEM solution tailored to small businesses by focusing on performance optimization and structured threat detection.
The study is based on the Cyber Kill Chain framework, emphasizing the stages of attack detection and response. Key concepts include cost efficiency, SIEM performance metrics, and structured threat analysis. The methodology involves evaluating commercial and open-source SIEM solutions and designing a lightweight, affordable SIEM model using a practice-based approach.
Preliminary findings show that traditional detection metrics are insufficient for small business needs. The literature analysis highlights that open-source and cloud-based SIEM systems, combined with the Cyber Kill Chain framework, can significantly improve threat detection capabilities in small business environments.