STUDYING SIEM IN HIGHER EDUCATION IS AN IMPORTANT TASK IN TRAINING CYBER SECURITY PROFESSIONALS
University of Library Studies and Information Technologies (BULGARIA)
About this paper:
Appears in: INTED2020 Proceedings
Publication year: 2020
Pages: 348-357
ISBN: 978-84-09-17939-8
ISSN: 2340-1079
doi: 10.21125/inted.2020.0156
Conference name: 14th International Technology, Education and Development Conference
Dates: 2-4 March, 2020
Location: Valencia, Spain
Abstract:
The topic of implementing logs for network devices, operating systems, services, and applications, and of using them to build and monitor security events across networks and information systems, is typically mastered in corporate trainings. The article offers a method for teaching the topic of security information and event management (SIEM) to bachelor's and master's students. It addresses the breadth and depth of the topic, the composition of the lab, and the construction of the study material. The proposed approach has been tested in teaching bachelor's and master's students. It is a way to understand the basic concepts that must be mastered in order to grasp the subject matter. The method is applicable to the construction of the syllabus in SIEM-related disciplines for bachelor's and master's students.

The method prepares trainees to adopt ideas for the practical construction of information systems security, in the part concerned with ensuring security continuity. In the next stages of student education, this topic provides a basis for promoting practical and theoretical aspects related to the entry of avant-garde technologies (AI, ML, IoT, containers and microservices) into ICT generally and their application in cybersecurity solutions. The topic is related to subjects in the fields of network security, analysis of large data sets, endpoint security, security incident management, and computer crime investigation. The composition of the laboratory design provides ground for assimilating regular expressions, RFCs, monitoring of privileged users' behavior, and endpoint security.

Students can perceive the magnitude of the problems associated with the advent of the Internet of Things and cutting-edge technologies related to SIEM. In training software developers, this topic is useful for understanding those parts of the application architecture that are related to log entries. The article helps to realize the vision of security by design and shift left. Future cyber security experts, developers and architects must comply with the regulatory requirements for journaling and SIEM.
Keywords:
Syslog, SIEM, cyber, security, design.