(TLP:CLEAR) CISA and Partners Release New Guidance for SIEM and SOAR Implementation

TLP:CLEAR
Created: Thursday, May 29, 2025 - 15:07
Categories: Cybersecurity, Federal & State Resources, Security Preparedness

Summary: On Tuesday, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Analyst Note: Cybersecurity teams need tools that give visibility into their organizations’ network traffic and endpoints. However, simply having the right tools doesn’t automatically offer insights into your security situation. SIEM and SOAR platforms give organizations the visibility necessary to enable efficient security operations and incident response, provided they are implemented and configured properly. This guidance is applicable to all organizations, whether they want to get the most out of currently deployed SIEM and SOAR tools or are seeking to implement these tools for the first time. WaterISAC encourages members to review this guidance and implement the recommended best practices as appropriate for their utility.

Original Source: https://www.cisa.gov/resources-tools/resources/guidance-siem-and-soar-implementation

Related WaterISAC PIRs: 12