The German automobile manufacturer Daimler is saying goodbye to the SIEM (Security Information and Event Management) solution it has used until now and is switching to Splunk Enterprise Security. With the real-time data analysis available on the security analytics platform, the Stuttgart-based company expects to reduce the time taken to evaluate several terabytes per day from a few hours to a few seconds. The system evaluates a wide range of data sources on the basis of log events and displays them in graphic form. This allows appropriately trained personnel to identify security threats and other problems at an early stage from trends and progression curves. At Daimler, its use covers vehicle systems, production lines and other areas of the company.
Thanks to its flexibility, the Splunk approach should be appropriate not only for the traditional area of IT, but also for analysis of networked vehicle fleets and of Industry 4.0 structures. Besides the capability to identify internal sources of problems, for example an unforeseen interruption of internal data pathways, SIEM solutions are also suitable for early detection and prevention of cyber attacks. According to the Cost of Cybercrime Study by Accenture, the costs incurred due to attacks of this type increased by 42% in 2017 in comparison to the previous year, to an average of EUR 11.2 million.