
AlienVault Nabs HP Execs, New Funding

Added on Jan 31, 2012

Security start-up AlienVault recently drew attention by making off with seven security execs from Hewlett-Packard. Now it is turning more heads by drawing $8 million in funding. The double coup testifies to strong IT interest in security information and event management (SIEM) technology.

This industry interest reflects ongoing concern with security in the wake of major hacks and cyber-attacks last year. Both government agencies and private industry are concluding that security must be a primary focus of their energies.

"From the Top Down"

As reported by Rip Empson at TechCrunch, the boost in funding came just two weeks after AlienVault succeeded in recruiting top HP security executives. At the heart of the security start-up's offerings is OSSIM, described as "an open source SIEM solution."

Like other SIEM systems, OSSIM is designed to provide overall management of such key security systems and processes as vulnerability scanning. Other vendors in the SIEM space include ArcSight, LogLogic, Check Point, and Symantec.

Barmak Meftah, one of the erstwhile HP executives, now CEO of AlienVault, says the technology was the great draw. He noted that the rise in security threats has demonstrated the need to address security "from the top down," calling attention to SIEM solutions.

A New Level of Threats?

On a purely operational level, the advantage to monitoring security systems on an overall basis, rather than dealing with them piecemeal, is fairly straightforward. (Implementing such technology is a different matter.)

But the motivation for firms to commit resources to unified security operations--and thus invest in SIEM solutions--has been strengthened by events of the past year. Black hat hacking attacks have long come from one of two sources: cyber criminals in it for money and pranksters in it for notoriety or sheer kicks.

The former are still very much with us, but the latter group have evolved and metastasized to a new level, as exemplified by WikiLeaks and the Anonymous hacker group. The motives of these groups are in some broad sense political, targeting what they regard as an information establishment.

Such political overtones to black hat hacking have roots going all the way back to the "phone phreaks" of the 1970s. But the recent emergence of groups like Anonymous testifies to a new level of focus, organization, and technical sophistication.

And because their motivations are not narrowly financial (e.g., stealing account numbers), the scope of their attacks is wider and less predictable. Their targets are most frequently large institutions, but small and midsize businesses (SMBs) cannot count on being ignored.

They may attract attacks for obscure ideological reasons. Or their networks may be hacked along the way to some other exploit. Hence the growing need for, and interest in, high-level security solutions such as SIEM.