New “Store Locally and View Globally” capability supports multi-nationals and MSSPs
DALLAS, May 25, 2021 – Cysiv, an innovator in the field of security operations center-as-a-service (SOCaaS), today announced the launch of its new unified global architecture for Cysiv Command, the cloud-native, next generation security information and event management (SIEM) platform. With this new architecture, clients can cost-effectively meet data residency and compliance requirements, and better support regional security operations, by specifying to have their logs stored within one of 25 regions of their choice—from across the Americas, Europe and Asia-Pacific—while still being able to view and query them at a global level.
Cysiv Command is a massively scalable, multi-tenant, modern SOC platform that combines and integrates essential technologies–including SIEM, data lake, user entity behavior analytics (UEBA), security orchestration automation and response (SOAR), threat intelligence platform (TIP) and case management–into a unified, cloud-native SaaS. It provides the foundation for SOC-as-a-service (SOCaaS), which operates as an extension to an organization’s IT and security team by providing 24/7 monitoring, investigation and response to cyber threats across all IT environments, including campus, remote, datacenter, multi-cloud, and IoT/OT.
“With our new unified global architecture, logical separations–or tenants–based on country, office location or business unit, for example, can now easily be created, while maintaining the ability to generate aggregate views and perform queries and analyses across tenants and business units, right up to the global level.” said Justin Foster, Cysiv CTO and co-founder. “This unique ‘store locally and view globally’ capability is something that traditional SIEMs and their cloud-hosted cousins haven’t been architected to cost-effectively support, and will help further accelerate our growth.”
Because logs that are ingested to a SIEM platform may contain personally identifiable information (PII) such as username and IP address, many organizations need to ensure that this data is being stored in-country or in-region, for compliance reasons. While this was not an issue with traditional on-premises SIEMs, it is when the SIEM is delivered as a service, from the cloud.
According to Gartner1, “By 2023, 90% of SIEM solutions will have capabilities that are only delivered via the cloud (for example, log storage, analytics, incident management), up from 20% currently.”
Data residency refers to the physical or geographic location of an organization's data, and also to the legal or regulatory requirements imposed on data based on the country or region in which it resides. From a SOC perspective, data residency is particularly important and challenging for multi-nationals, and for MSSPs that operate in several countries.
“Multi-tenancy, and the new global architecture, are central to our expertise in providing SOCaaS, powered by Cysiv, to our clients,” Robert Wysocki, Senior Vice President & Global client Solutions Leader - Networks & Cybersecurity, Microland. “Cysiv’s SaaS platform and new architecture is a newer frontier in ‘as-a-service’ delivery, and effectively enables us to provide tremendous value to our clients with a comprehensive managed security service capability.”
1 Gartner, ‘Questions to Answer Before Adopting Cloud SIEM Solutions,’ Kelly Kavanagh, Gorka Sadowski, Toby Bussa, 27 July 2020