Harnessing log data to meet PCI DSS requirements

18.05.2010

PCI content. PCI DSS imposes considerable audit reporting requirements. Some log management or SIEM solutions provide out-of-the-box content, but few clearly map reports and alerts to specific PCI DSS testing procedures. Ideally, monitoring content should support audit reporting requirements and also deliver continuous visibility into threats to cardholder data through real-time log analysis rules. So make sure authoritative content is available to automate audit efforts for PCI as well as for any other regulations you are subject to.

PCI DSS is at an important juncture. Compliance levels are up, but the rising cost of compliance suggests continued inefficiencies. At the same time, the growing incidence, cost and sophistication of breaches remain unchecked. In the face of this contradiction, the solution certainly cannot lie in periodic audits and more point security tools that deliver silos of security context and limited visibility into actual threats.

Logs provide a readily available and largely untapped source of information that can be harnessed to introduce significant efficiencies into compliance projects for PCI and other mandates. Logs can also enable continuous visibility into threats to cardholder data. SIEM solutions have been widely used to unleash this value and overcome the many challenges of home-grown log infrastructures. Given the promise of efficiency and visibility, 2010 seems like just the year to prioritize a SIEM investment.

ArcSight is a global provider of security and compliance management solutions that protect enterprises and government agencies.