At ASG, we define Security Information Management as the aggregation, organization, and communication of data (internal and external) within the context of a risk and resilience strategy and plan.
We approach this challenge through our Professional Services Group and its partners.
Applying technology to this challenge should increase the value to the organization through the sum of the parts. That is, it should reduce roadblocks between people, their processes and the tools they use to perform their work.
It should also increase the viability of proactive and predictive response, increase the time-to-value (T2V) of incident response and provide a comprehensive view of the security state. That state can then be shared programmatically as a report to any level of executives to ensure the key performance goals are being met; shared between departments, partners or agencies to ensure appropriate response; or shared persistently to ensure continuous compliance.