The OEB requires a vendor or service provider to design, test, train, implement and support a Security Information and Event Management (SIEM) solution. The solution can be implemented in-house and/or on a subscription basis via managed services. A SIEM solution will allow the OEB to make sense of logs from different equipment in the information system. SIEMs are meant to detect cyber-attacks and IT threats by exploiting and filtering logs coming from several information sources (internal or external). A SIEM is a centralized and powerful supervision system that traditionally includes two parts:
1. A SIM (Security Incident Management), dealing with post-analysis, storage, archival, compliance and reporting, and also with internal threats linked to log management, delivering reports and detailed analysis.
2. A SEM (Security Event Management), collecting and handling real-time data in order to analyze logs coming from IT systems, networks and applications. It allows IT event management and event correlation, and it is positioned as the ultimate tool to counter incidents and internal or external threats.
All Proponents taking part in the RFP must have prior SIEM experience. All participating Proponents will be required to fill out a questionnaire demonstrating their qualifications and expertise.