Security Information Systems (SIMs) for Event Management in the UK

This dissertation outlines a research study on Security Information Systems (SIMS) and their application in event management. The use of SIMs in event management aids in ensuring that security risks are avoided before they happen. In this study, a detailed study was done on the effectiveness of Security Information Systems in Event Management, through the case study of their usage in the UK. The study utilized the archival literature research method of data collection in analyzing secondary literature. The findings of the study are outlined in Chapter IV of this dissertation.

1.0 Introduction

A critical business system must have an associated technology that can support its activities. Performance benchmarks are aligned with this systems to ensure that they carry out activities as planned. In the security space of event management, there are security information systems that are utilized to ensure safety during UK events (Bhatt et al 2014). Sophisticated cyber threats are constantly reported and this makes this topic a significant adversary. Defense technology such as security information systems remains to be essential in event management (Infinedo, 2014). The security information systems are intriguing technology that involves the utility of vast disciplines that aim at protecting attacks during events (Cassidy, 2016). Evolution of security matters has been a constant issue that requires much consideration by event promoters and sensors. This research study is focused on analyzing the current security Information Systems within the United Kingdom. Additional challenges arise from time to time and this poses a question on the effectiveness of security and information systems that are created to guard the events.

1.2 Types of Threats in Events

Events offer a spice for a specific type of lifestyle based on routine activities. Most people look forward towards events without considering the threats attached to them (Lim, 2016). The individuals, in this case, include; the attendees, hosts, sponsors and event planners. Careful planning is the best way through which vast threats can be contained. Some of the common threats experienced that can be curbed through Security Information Systems include;

  • Equipment and personal property theft: this particular threat is common in most events since the culprits emerge from the crowd itself. The most trusted staff are likely to lead to such types of threats since they have a link to where most equipment is located. Security in most events is always at an optimal level but thefts that are an inside job can be quite hard to control (Miller et al 2010).
  • Gatecrashers: this threat may at times be a great issue since these uninvited individuals might be terrorists wanting to barge through the events. Other gate crashers are also fond of forging tickets which is an online activity.
  • Violent crimes: There are several threats that are linked to violent scenes in events such as:
  • Terrorism: there are cases of terrorist organizations targeting events since they believe that the planners are not that keen about maximum security (Erikson, 2017). This has contributed to many events being attacked such as
  • Attacks on special guests; in the case of having a special guest in one’s event creates a large threat for the event planner particularly if they are a public figure. In their presence, there are greater chances of violent crimes happening.
  • Attendee aggression; attendants may end up being aggressive considering that there are drugs involved; this might ultimately contribute to violent crimes.
  • Calamities: Situations such as earthquakes or fires are probable threats that may affect event activities. Vast events in the UK have been disrupted by such natural factors.
  • Compromised data: Current events are said to prone to such threats; this threat is brought about by online ticketing or the presences of a billing system. Data breach is therefore likely to occur in such processes hence leading to compromised data.

1.3 Use of SIMs in Event Management

Event Management is the process of applying project management of varied in large events such as; festivals, ceremonies parties, concert or conventions (Ensor et al, 2011). Managing any type of event depends on the type of event as well as its attendants. In the UK for instance, there are vast events that take place which entails; charity, sports, charity, music festivals and celebrity parties. Event management can at times be a complex and that is why event manager opt to purchase SIMs (Wagen & White, 2018). Products from SIMs offer event planners or sponsors with tools by which they can handle activities that may not necessarily involve security such as; registration of delegates, hotel booking, booking of travel tickets and the allocation of floor space to traders who want to exhibit their commodities.

The event technology has evolved with time and this has created some ease for event managers (Erikson, 2017). For instance, there is a recent trend by which planners can coordinate activities through mobile apps. The latter is also utilized as a means of communication in the case of any alerts or notifications. Event managers can also get feedback from the individuals attending the events through the apps (Peltier, 2016). The built-in networks are the platform by which systems such as Security Information Systems can offer security for events.

1.4 Research Problem

Events have regular chances of facing all types of threats. Events managers are to blame in the case of any problems that arise. The saddening fact about most threats is that the attendees face chances of being harmed or murdered by the people undertaking the crimes. Security Information Systems come in handy is solving these security matters.


1.5 Research Aim

This research study aimed at analyzing security information systems and how they affect the management of events within the United Kingdom. The core objective of the study, therefore, is to distinguish the components of a security information systems that are operational. In addition to that, the researcher will look into how the information systems affect event management.

1.5.1 Research Objectives

Research objectives are concise and clear statements that illustrate what the researcher would want to accomplish after the research study is completed. The following are the research study’s specific objectives;

  1. To find out the current use of security information systems in event management
  2. To determine the importance of security information systems in event management
  3. To determine the limitations of using security information systems in event management

1.6 Significance

The utility of Security Information Systems is a great way of ensuring management are able to monitor their events and maintain maximum security. Threats pose a great menace for both the attendants and planners. This study is meant to analyze security information systems and also add recommendations that can be added in the current research interested in the topic.



2.0 Literature review

2.1 Introduction

Peltier, (2016) illustrates that recent attacks within events have revealed the relevance of efficient security planning. Emergency responses have been weak in most of this events since there was a lack of an efficient information system that would aid in communicating such critical matters (Rolfe 2013). Common fun activities that are likely to face the threat include; sports events that mostly occur in London, festivals such as the Glastonbury music festival, large political conferences, fundraisers that are common within the UK, political campaigns as well as exhibitions. These events attract masses and this contributes to them facing crimes such as robbery and terrorism (Robertson & Rogers, 2009). In the UK, events become popular by the day and this means that the rate of threats increases. This has been a matter that has attracted special groups who intervene with the government about the citizen’s issue. Erikson, (2017) observes that poor event planning and management are the likely causes as to why the events remain to be targeted for illegal activities. It is apparent that proper safety and security can only be attained by tailoring strategies that are valid and applicable in the case of such occurrences or even before they happen (Tarlow, 2002).

Solomon, (2016) observes that large events obviously require more security measures such as information systems that are broad enough to understand, sense and communicate in the case of security threats. Security information systems are designed to ensure that event managers have the capability to monitor and evaluate threats that may affect their events (Laudon & Laudon, 2015).  There are eight set criteria that can be utilized in determining security risks within an event (Miller et al 2010). The elements include; event size, existing threats that may be a harm to the event, historical , political or any symbolic features that may be attached to the event, the event duration, the background of the event in terms of culture, politics and religion, media coverage extent and the number of dignitaries or outstanding people attending. The set of criteria is a prerequisite while purchasing or applying a Security Information Systems in event management.

Most event planners tend to hire security firms that attend to security matters prior and while the event is taking place (Wagen & White, 2018). The firms are also responsible for offering security personnel that can look into the ground to check whether there are any implanted threats (Tarlow, 2002). There is a need for estimating the size of security agents that should be on the ground; it is suggested that they would rather be many than limited (Pearlson et al 2016). The significant number has the power to deter any threats or disturbances that may occur as the event takes place. The question arises when it comes to handling virtual threats that may destroy the event plans or lead to harm on the attendees. This research study looked into how SIMs can be of help in handling such complex issues that may be a problem in event management.

2.2 Security Information Systems (SIMS)

Current computer systems have the capability of producing and supporting volumes of data when it comes to security (Galliers, & Leidner, 2014). A Security Information and Event Management (SIM) is needed in handling firms that may host many people who may be threatened by a harmful group (Brown et al 2015). In events, there is a need for keeping track of event attendants who may be interested in partaking as staff or as a fan in the event. It is eminent that a threat is always from within so that they can track every particular incidence that is planned for the day. In most UK events, festivals occur for a couple of days even extending into a week (Erikson, 2017). During this period of time, there is a likelihood of an attack happening which may lead to people succumbing or the event being banned from happening. Events being at this risk are expected to take maximum security measures such as consulting IT experts or security firms such as SIMs to assist them with curbing such situations (Feng et al 2016). In the event of an attack, the company losses a lot than they expected for profit. This major loss should be considered by the event managers by investing some budget into Security Information systems that can aid in event management. Stair & Reynolds, (2017) illustrate that the core principle of SIMs system is that the core information of an enterprise is gathered from diverse sources. The data is thereby correlated so that it can be stored in one central location whereby it can be easily monitored.

The process ensures that there is easy monitoring of the data and also to sense any trends that are queer. Security Information management and security event management should be combined so that the focal location created can be relevant (Van & White, 2018). The single security system is quite useful in event management since there are modern methods utilized (Wagen & White, 2018). The current universe has become a global space in that, it can be possible to identify terrorists from a strange continent planning an attack in an entirely different continent. This is enabled by the power of a Security Information System. SIMs segment mostly emphasizes on the study of historical data in order to improvise long-term performance and the proficiency of information security. The Information systems offer a real-time monitoring by which events can be secure prior and after they happen (Tarlow, 2002). The systems also respond rapidly in the case of an attack occurring with an accuracy of over 80%. Compliance reports are also released immediately after any sudden attacks occur without the detection of the information systems (Brown et al, 2015).

A System information system works by distributing varied sets of agents through a hierarchical manner in order to collect vast security data in relation to their assigned events (Galliers, & Leidner, 2014). The system is able to gather security information from specialized equipment or tools. Information gathered is afterward transferred into a centralized control that has a set of management teams to study the situation (Chen & Wen, 2015). The core console later performs an inspection on the logs in order to detect any malware or cyber-attacks on the event.

In general, the core role of a SIM product is to gather, consolidate and control log data that is related to an event (Lowry et al 2017). Firstly, the Log information is gathered from varied devices which may be mobile or landline, the data may also be collected form applications. The next step involves the data being aggregated which is also known as consolidation. The log data is thereafter parsed in order to correlate with other pieces that appear as an attack in order to create a complete picture (Galliers & Leidner, 2014). In the latter step, contextual data about certain networks become important since they lead to common threats of the event (Cassidy, 2016). This collected data is primarily stored by a firm’s network before it is taken to the central location for evaluation and archiving.

It is important to comprehend that a SIMs either cheap or expensive is not entirely secure (Galliers, & Leidner, 2014). The universe has all types of security but there never lacks a fault that is used in making it impossible to detect an attack. The modernization of cyber threats and other techniques makes it easy for hackers not to be detected by an improved system such as SIMs.

2.3 Challenges Faced in the Use of SIMS for Event Management

The problem of evasion of systems has been a paramount issue considering that attackers have developed new means of exploiting firms’ perimeter systems (Galliers, & Leidner, 2014). The tactics utilized to make it a possibility for attackers to evade the security controls created within the system’s network. It is stated that a SIMs system cannot detect any attacks that were not logged in to the system (Laundon & Laundon, 2015).

There are vast positives in Security Information Systems, this makes it hard for them to realize critical events. The volume of this positive results may lead to fatigue within the system making it hard for it to gain any alerts about threats. Moreover, it takes a good amount of time to process and analyze alerts and other related events in order to conclude that an alert is a threat (Wagen & White, 2018). It is observed that a SIEM system has much focus on individual attacks and due to this, they forget about other campaigns that may be within the networks. Furthermore, some attacks cannot be alerted within the perimeter wall, in that no data about the attacks are recognized by agents (Peltier, 2016). On the same notion, there are no particular means of measuring the time between attack incidences and their origination. In other words, there is a chance of having much time between when an attack came up and when it was contained (Infinedo, 2014). The same time may also extend into when the attack was contained or rather closed.  In that case, current detection systems should be developed with the aim of ensuring that the time by which an attack is identified and contained is minimized (Pitch et al, 2015).

Effective intelligence should go beyond an individual attack and literally focus on a campaign launched by most attackers (Galliers, & Leidner, 2014). The solution given should consider algorithms applied in the past and the techniques used before to curb attacks in order to improve them. A Security Information System should be intellectually confined in order to detect attack campaigns and mechanisms used by hackers in order to proactively bring down the system. Current information systems should also be improved in order to have enough space to act as storage facilities that can secure all information as expected (Stair & Reynolds, 2017). A forensic storage facility is large enough to retain any digital data that can be utilized in detecting any malicious activities. The ample preservation of log data ensures that there is no leaking data left out for attackers (Lowry et al 2017). Bhatt et al (2014), observes that in addition to using SIMs for event management, there is a need for applying other elements in order to make the system a success. Some of the aspects that should be applied include;

2.3.1 Credentialing

This is a common method whereby only specific people are accepted to enter into restricted areas such as rooms where deejay equipment are stored or the VIP area. Every person who is credentialed to enter such a room is given a ticket by the patron in charge; with a SIMs, it is possible to identify authentic and fake passes. The use of credentials assists security planners in creating zones bounded by perimeters depending on the level of hierarchy (Erikson, 2017). Badges are also avenues of identifying law enforcers or security personnel.

2.3.2 Access Control

Events should hire varying levels of security to work hand in hand with SIMs. Screening and physical security can help in identifying specific items that cannot be traced by information systems such as guns, knives, unnecessary garden tools like saws or Tasers.

2.3.3 Surveillance and Observation

The utility of a security video camera is a normal security feature in most events. Cameras act as a logistical tool which really works well with security information systems. Agents in charge of the latter can monitor the cameras in order to identify a security breach. Digital videos are stored in order to be accessed by Security Information Personnel in the future to observe high vantage points that ought to have maximum protection.

2.4 Summary

Recent criminal attacks have illustrated the importance of applying security planning. An emergency response is also a prerequisite in preventing adverse effects that occur when an attack happens (Miller et al 2010). This applies to all types of events including; sports festivals, music concerts, fundraisers, a political campaign and a large fair. In the UK all the events mentioned are regular especially in London. There have been past claims of attacks in large festivals such as the Glastonbury Festival. The event which attains maximum attendance have undergone major challenges and due to this various case studies have been requested in order to solve the issues. It is apparent that the utility of Security Information Systems for Event Management is a great solution for these risk within large events (Stair, & Reynolds, 2017).  In the events, the likely threats that occur include; terrorism, theft, assaults, and robbery. Special interest groups such as terrorists view such events as opportunities to create fear and get noticed for their proclaimed Jihad actions.

Proper event safety ought to be tailored so that threats can be reduced. Security Information Systems have been proved as an effective tool in the prevention of tragedies within events (Bhatt et al 2014). As earlier mentioned, event organizers always prefer professional security experts but this ends up to be null since the guards are never that keen while the festival occurs. The security personnel tends to be limited hence they have an incapability of covering the whole event as expected. With a Security Information System, a security firm can manage to handle large groups of people despite their number being limited (Cassidy, 2016). The people on the ground can be assigned the task of preventing minor risks such as robbery or misconduct amongst attendees. In addition the information systems, the event planners should include public law enforcers since they have a better capability of handling drunk individuals or unruly fans. However, in these festivals, there are minimal reports about minor risks.

2.6 Research Questions

  1. How are security information systems currently in event management?
  2. What is the importance of security information systems in event management
  3. What are the limitations of using security information systems in event management



3.0 Research Methodology

 3.1 Introduction

Research methodology involves analyzing data gathered from varied resources (Creswell, 2012). In this research, an archival research study shall be carried out by studying literature that has published about different information systems departments that work towards the safety of events’ security. In this chapter, a scrutiny shall be carried out on the means of data collection, the research philosophy and appropriate approaches utilized in order to gather the right information. It is important to have a research philosophy in order to comprehend the methodology used. Ethical issues faced were also highlighted as well as the limitations.

3.2 Research Philosophy

It is stated that how one views the world determines the research philosophy to be adopted (Webster, & Watson, 2002). The research strategies in that case mainly rely on these assumptions. This part is quite important within the research study and mostly relates to understanding ideologies that can answer the stated research questions. It is eminent that this research study is based on the health and safety issues faced in large events. The study also tries to bring out the Security Information Systems that are applicable to events within the UK. In this study, positivism was chosen for the secondary data collection.

3.3 Research Approach and Design

The research design for any research project entails an analogous strategized plan through which one is able to identify the particular method to use in order to achieve research objectives. Saunders et al (2009) introduced the Research Onion Model that has been used by vast researchers in order to carry out an efficient research study. The process is composed of different layers which offer the researcher a chance to make a series of decisions before choosing the paramount approach to act as the research design or rather data collecting instrument. The research onion model diagram illustrates the various research designs:

|Fig 1; Research Onion Model (Saunders et al, 2009)

3.4 Research Strategy

The research strategy is viewed as a roadmap utilized towards achieving vast goals that relate to research (Saunders et al 2009). The map aids in attaining these goals as well as attaining the appropriate answers to the research questions.

The researcher decided to opt for an archival research design since it works best in attaining answers that can fulfill the purpose of the study. An archival research study involves collecting and evaluating data from past literature. The most prerequisite method is that which answers research questions fully and aids in getting appropriate recommendations for security matters that occur within events. The approach used was qualitative in nature. Answers given to questions chosen for the guide were used in obtaining information for the findings section. The research strategy, therefore, should be in line with the study’s objectives, theological underpinnings, and existing knowledge.

3.5 Method of Data Collection

In a research study, the researcher has the option of utilizing a single data collection method also referred to as the mono method or utilize vast data collection techniques referred to as the multiple methods (Webster, & Watson, 2002). The mixed method entails using qualitative and quantitative collection methodologies. In this research study, the mono method is used where qualitative data from archival literature is utilized to answer the research questions. In order to structure the archival literature study, there was a need to follow to a certain criterion in order to come up with comprehensive findings. A paramount phase in studying the literature is creating a procedure through which important data can be gathered in order to come up with the final artifact which in this case is the final research study (Levy & Ellis, 2006). The several phases used in carrying out the archival research will be discussed below.

3.5.1 Framing

Archival literature should have a frame through which specific literature is identified and highlighted (Levy & Ellis, 2006 p. 23). In this process, the researcher states the motivation behind carrying out the literature review and the selected topic. Despite framing being a process that fundamentally affects all phases, the literature review should consider dedicating a part that illustrates it. While framing one looked out for certain elements that make the chosen literature plausible. Some of these elements include; uniqueness, lack of biases, proper organizational skills, and strong theoretical frameworks. These attributes ensured that the researcher focused on content that is directly related to the chosen literature. Framing also aided in looking out for literature that will fit in the researcher’s topic.

3.5.2 Search and Assessment Phase

This step involved searching for journals and books that have been published and certified for use. The process of literature search independently relied on the objectives and goals of the dissertation. Particular works of literature reviewed in the second chapter assisted during the archival study. In this phase, the researcher identified the right literature and assessed its impact on the study.

3.5.3 Synthesis Phase

The overall aim in synthesis is trying to discover what past research has discovered and published in regard to the chosen topic (Webster, & Watson, 2002). In this case, the researcher described the concepts utilized in structuring the actual presentation of the literature’s findings. These findings were afterward presented in this dissertation’s discussion section.

3.5.4 Interpretation Phase

The benefits found within archival literature should go beyond content found in the synthesis phase. Therefore, the researcher tends to be critical in this phase to identify any underlying issues that have not been discussed and the literature content that stood out. The critical assessment also helped in revealing the challenges faced while studying the topic and some of the research gaps left from past literature. Wolfswinkel (2013) notes that a literature analysis contributes to the discovery of gaps within the theoretical foundations of the literature hence offering a platform for future explorations.

3.5.5 Conclusion Phase

This is the last phase whereby the researcher compiled the distinct information collected from the literature review. The researcher summarized key insights, the limitations of the study, the lessons learned and the unavoidable biases that were attained in the previous phases. Wolfswinkel et al (p. 53) state that this eventually motivates future researchers since they attain appropriate guidelines on how to carry out a similar research study.

3.6 Link to Research

The data collected from archival literature had a great attachment to the objectives of the research study. Content collected had to be in line with the research objectives and questions. In addition to that, the research methodology should strive towards ensuring that the goals of the study are fully attained. The archival literature study had a direct link to the objectives of the research study and this fulfilled the researcher’s purpose.

3.7 Data Quality

Data collected from a research study have to meet some standards. The quality of data prevents it from being biased hence making the research study authentic. The research study conducted was efficiently carried out so that the chosen literature could offer appropriate answers that would meet the researchers’ expectation. Information met the quality standards if it did not have any exaggeration or understatements in regard to event management and security information systems.

3.7.1 Data Collection from Archival Literature

An adequate planning session is appropriate while preparing to collect data. This is the basic reason as to why a preliminary study is carried out in order to identify any changes that should be carried out on the research questions. In order to attain general information regarding the research topic, the guide found in the appendix had entailed questions that would be answered suitably. Chosen questions were created within the right context in order to avoid irrelevant answers. Contextual notes were scribbled down when carrying out the study through the guide questions.  This would also aid in having a direct link to the required data. Flexibility was maintained throughout in order to be open about other author’s attitudes who are interested in Security Information Systems that deal with Event Management.

3.8 Ethical Issues

The issue of ethics is comparative, especially when collecting published information or while dealing with the firm. Authors have their own set standards hence as a researcher one should be careful to avoid violating the standards. The guide questions created for this study were carefully made to meet research standards. In order to avoid controversies, no information gathered was copyrighted to avoid any form of plagiarism. So as to promote research ethics, the following elements were maintained; integrity, uprightness and fairness.

3.9 Research Limitations

While gathering secondary information, varied limitations were experienced. Information regarding Security Information Systems for Event Management was not easily found online as well as in the library. It is apparent that researchers interested in the topic should carry out more research and publish it. This research study had its own objectives that should have been met by the end of it all. The factors that could contribute to this included; validity and veracity while choosing the right sources. The research faced a couple of limitations that were brought about by the lack of relevant archival literature that would odder sufficient data about the topic. It took too much time to identify authentic literature.




4.0 Findings and Discussion

4.1 Introduction

This section will interconnect findings found from the secondary research and those gained from the course. The concepts related to security information systems shall be discussed and how they aid in event management. The research problem which was discussed in the first chapters will be covered in this chapter referring to information collected in Chapter 2 and Chapter 3.

4.2 Use of Security Information Systems in Event Management

In a study carried out by (Miller et al 2010), the attitudes of event goers and system developers were sought out in order to understand the concept of Security Information Systems as well as event management. Below is a chart showing the different levels of security within large events in the UK; it is eminent that the events should consider using SIMS.

Fig 2: Pie Chart Illustrating Security levels in Large Events in the UK

Security Information in Systems are automated resolutions that built in order to improve compliance when it comes to security (Peltier, 2016). The regulatory requirements in the information systems spend significant time scrutinizing events and ensuring that event logs are in the track. Security is the paramount expectation for the systems in that if they fail there is a likely chance for the events having vast loopholes. Event holders are constantly looking for an efficient Security Information Event management System in order to ease the burden of insecurity as they hold their activities (Tarlow, 2002). Due to this, SIMS have taken the challenge in order to offer constructive solutions to the problem. Event goers constantly seek for events that uphold efficient SIMS programs (Miller et al, 2010).

There is no dominant vendor that offers a particular event management information system and due to this, there is constant competition between vast vendors (Wagen & White, 2018). There are many activities that arise within the IT industry and this is mainly brought by market positioning if the providers. SIMS has a long history attached to it whereby in the start it was entitled Security Information Management (SIM). This later evolved to SEM which is an acronym for Security Event Management. The two terms were coined into being SIMS (Solomon, 20160. There are three significant uses of SIMS which include;

  • Streamline compliance reporting: many firms deploy SIMS for this particular importance since they can manage to streamline compliance reports from their clients through logging solutions (Pitch et al, 2010). A host that requires to have logged security events get regular reports in regard to data that promotes security for their events.
  • Detection of incidents that cannot be detected: There are two core reasons that contribute to SIMS having the capability to detect an incident that could not be detected in the first place. The first reason being those vast hosts that provide a log to security events have not provided built-in software that can detect an unlikely incident (Stair & Reynolds, 2017). Despite these hosts having a capability to observe events, they lack the capability to look in to log entries that detect malicious activities that may harm an event. The second reason is that SIMS have a software that enables it to correlate varied events amongst hosts. Through gathering events, SIMS can manage to detect attacks that have varied parts that can only be seen by different hosts. By reconstructing the event series, the host is able to identify the type of attack that is likely to happen and if it has already happened whether it managed to succeed (Van & White, 2018).
  • Improving the efficiency of handling activities: A SIMS can significantly improve efficiency while handling varied events and this helps in saving resources as well as time (Lowry & Wilson, 2017). Handling of incidents also aids in the speeding containment of incidents and thereby reducing the level of damage caused by a malware. The benefits of SIMS products make them a necessity in event management (Erikson, 2017).

A SIMs system offers adequate monitoring as well as evaluation of security events and this ensures quick remediation before a damage occurs (Feng & Wang, 2014). The system allows the event planners who are the users to create content and some form of criteria that comply with their own conditions. However, the conditions set by the users should configure with a system to avoid tampering with the fast identification of a security threat towards the event. Agents employed to monitor the information system should always be in close contact with the planners in order to inform them of collected data or of any irregular occurrences that may affect the event (Lowry & Wilson, 2017). The detected threats can either be online or in abstract from. In the case of online threats, there may be individuals that may be tarnishing the event through cyber-attacks (Chen et al 2015). The latter is a common type of harm that occurs in the recent world which has led to many elites and established firms falling. The same can also lead to an event lacking any attendees.

4.2.1 Scope of a SIM

Before installing a Security Information System for events, it is vital to creating a scope and a focus (Lowry et al 2017). The scope, in this case, becomes the driver of the whole project and due to this, it becomes related to elements connected to the information system such as; security, operations as well as compliance. The three are encompassed so that they can satisfy the needs of the event planning firm. If a need rises for a compliance scope, then the SIM Company creates room for that (Lowry et al 2017 p.18). The firm managing the system should also be ready to create a security scope that can protect the purpose offered to it. In this research study, the main focus was event management hence the scope and focus should dwell on the best means of managing the event. The SIM Company should also focus on the following elements;

  • Focus on the specific locations that are a danger to event goers.
  • Focus on the particular areas that need to be investigated in order to prevent future threats.
  • Focus on the channels of communication that can give a lead on threats that affect event management.

Scopes and focus of the program can be picked separately but remain to be connected as the project takes place.

4.2.2 Audit and Compliance Scope

SIM tends to be an extension of log management and this creates its relevance in IT which is a great component in event management (Infinedo, 2014). While auditing, agents mainly used technology to understand the particular areas that require improvement and maximized security. Infinedo, (2014, p. 43) observes that SIMs agents audit in order to check whether the event planners have applied all necessary policies to minimize any type of threats as the event takes place. Whenever compliance is considered as the core driver when it comes to SIMs installation and application, the systems ensure that all log entered and studied are efficient according to the policies listed in the contract. There are security standards that companies distributing SIMs should follow. By adhering to this, the firms ensure that they log all event occurrences that occur prior to the event which stands as a threat to the event (Lowry et al 2017). Any important information collected is communicated to the event planners so that they can rectify the situation before it becomes worse. The SIMs firm also provides appropriate solutions that can get applied in order to curb threats immediately. Saving the log files is a prerequisite since the client may request to audit logged in entries (Galliers & Leidner, 2014). This is referred to as resource access monitoring which is a valid reason as to why most companies prefer utilizing Security Information Systems.

Fig 3: Security management process

4.2.3 Security

Security is another core driver and aspect provided within Security Information Systems (Infinedo, 2014). This mainly applies when it comes to handling external threat monitoring or security monitoring in events. The log files are constantly monitored in order to check for any indicators of threatening digital or external attacks (Feng et al 2014). Correlation is very important in this step since attacks may spread quite fast without the networks noticing. In order to make sure there is extensive security monitoring, an extensive log analysis is carried out by agents to pick up any points that may lead to them identifying threats. Attack vectors are easily detected by the use of Security Information Systems (Chen et al 2015).

4.2.4 Operations

This aspect is important when it comes to resource management. Hardware elements are investigated with the help of the vent planners (Cassidy, 2016). The resource management tracks any kind of threat and reports to SIMs agents. This is by keeping track of their own servers in order to detect any threats within the natural surrounding or within their technical gadgets. Information provided by resource management is afterward compared to that found in log files to find any correlation (Bhatt et al, 2014).

4.3 Challenges OF Using SIMs in Event Management

Attackers are prompt in gathering data that is related to security systems in order to comprehend the types of attacks that the networks can handle. This meant to create a ground for a later attack. This is ultimately possible since the attackers study the vulnerabilities of the system and the means by which they cannot be detected after the attack. Targets on a network are common, especially in security firms. The attackers systematically create a toolkit which is deployed in the aimed system (Feng et al 2014). The toolkit is able to establish an ongoing communication within the target network and use it in their defense. After all, is done, the toolkit has the ability to complete its mission by concealing any tracks of stolen data. During the research phase of the whole attack there are reconnaissance activities used such as; packet sniffers, look up tools, port scanning and ping sweeps (Lowry et al 2017). According to Stair & Reynolds (2017), a SIM system is created in a manner at which events can be aggregated and evaluated through information from various devices. In that case, it is considered as a great tool for event management especially when it comes to compliance.

The evasion techniques used by attackers make the SIMS system less ideal especially in detecting threats their investigation body also becomes vulnerable (Stair & Reynolds, 2017). With such mere weaknesses, event managers are likely to decline form utilizing Security Information Systems. The core challenge that faces the current systems is the vast amount of logs of big data and their unstructured nature making it easy to tamper (Chen et al 2015). This is a common situation especially in event management whereby the developers have to handle large loads of data in regard to the occasion.

4.3.1 Security Measures in Events

Fig 3: Security Measures in Large Events (Bhatt et al 2014)

From the findings obtained from the archival research, above are the security measures utilized mostly in large events. Security Information Systems are not considered as a priority.


5.0 Conclusion and Recommendations

5.1 Conclusion

A Security Information System is a combination of several elements in order to come to a lead of any planned threats or attacks that may be harmful to an event (Galliers & Leidner, 2014). Their utility is tested by analyzing log entries in networks by agents who are expert in understanding code languages and malware. The collected information is evaluated and solutions are created to solve the problem instantly. The archival literature illustrated that most events are not aware of Security Information Systems and they prefer using other channels of security such as; hiring security guards, assigning authority figures to secure the event or having security personnel to guard the events by having agents on the ground while others check through surveillance cameras. Event planners should consider applying Security Information Systems due to their numerous merits.

The use of SIMs in event management is a prerequisite in most firms. It is evident that most firms are inclined towards hiring a security firm in order to prevent any attacks that may lead to harm of their fans or theft of their commodities (Bhatt et al 2014). This research study mainly focused on the use of Security information systems. The Literature review carried out opens up a platform for understanding the importance of using Security Information Systems in event management. This research topic was very diverse hence the need for understanding the elements found in it.  The research objectives were thoroughly utilized in each step to avoid being out of topic. A paramount feature of Security Information Systems is the capability to handle any malware threats or external threat that may affect the event (Galliers & Leidner 2014). This makes this feature special for event planners who are very cautious about threats that may affect the entire event.

The vast attacks that affect events are preventable especially when detected early (Cassidy, 2016). It is the role of event planners to be ahead of the game in order to prevent any unexpected attacks during the event. While collecting information, there was a need for collecting data from any available sources. Due to this, the library books were used as well as literature from journals found online. The literature material was educative and this contributed to this comprehensive study. My colleagues from class were very helpful especially in collecting data through the secondary research. Some of them assisted by offering books and literature material that had content referring to the research topic. In addition to that, they helped in identifying the best channels of gathering the right data. The only challenge faced is that of identifying the right content that would contribute positively to the study.

5.2 Recommendations

The scope within Security Information Systems is broad enough to cover up issues that may be a threat to event managers (Feng et al, 2014). It is expected for resource managers to be part of the investigative teams. The managers should be active to detect any threats that should be communicated to Security Information Systems agents so that they can broaden their spectrum of security. The research study revealed that Security Information Systems are vital when it comes to handling threats related to Event management. However, they cannot work on their own without other support systems. Many are the times that crowds are attacked without the knowledge of event planners and this comes to them as a surprise. It becomes such a shock that some of these events are banned from ever happening. The safety of these events is therefore paramount for any event and this, therefore, means event planners should take action of looking for the best solutions.


Reflective Log

The graduate course was a very important step in my education foundations as well as my career. The course was enlightening and educative especially when it comes to the use of Security information systems for event management. There are vast skills that were attained especially when it comes to handling events. There are many issues that are faced during events that may be difficult to handle by security guards only. That is the basic reason as to why Security Information Systems are applied. The acquired knowledge is very helpful in my personal life as well while handling my career. Information systems are vital in today’s world especially while handling threats that may be abstract or concrete. Career wise, I have a competitive advantage over other members of staff since I can introduce the system in my place of work. This definitely helps me to have a smooth transition within any established firm.

Entrepreneurship is a great step in anyone’s way of life. The data obtained from this research study was very helpful. One probability about any business is the risk of facing threats such as robbery, clobbering or theft within the enterprise. From this course, it is observable that this easily happens due to the lack of concern from management bodies. With such knowledge as a manager, I should strive towards installing security information systems to detect any forms of irregular activities. PoS systems are commonly used in most firms but it is important to incorporate security Information Systems. The latter is probably the best channel of handling business activities since they have the capability of monitoring loopholes and providing solutions for the same loopholes.

As I finish up with my final units, I can carry out a SMART reflective log of the vast skills that were attained during the course. A great sense of empowerment has been achieved during the journey especially while undertaking this research study. The topic was thoroughly researched before chosen so that I would know the type of impact that I would have after the study. Ultimately, a lot of impacts was felt since the topic is narrowly discussed based on the journals and books read. The experience acts as a foundation as I pursue the journey of research since I have a vision of proceeding into attaining a Doctorate. My lecturers have really been of help especially while taking up the postgraduate course. They constantly encouraged me and assisted me where things were not that smooth. Through their aid, I carried out this dissertation with the expected research standards.

My class acquaintances were also quite helpful and their integrity came in handy during the vast discussion groups we carried out. Various challenges were faced during this process especially when it came to undertaking this dissertation. Too much work was involved and also there were constraints faced especially while looking for the right sources for the study. Despite these minor challenges, there are vast skills that were attained. For instance, there were communication skills achieved as well as research skills. The same skills can be used in other fields of work.



Bhatt, S., Manadhata, P. K., & Zomlot, L. (2014). The operational role of security information and event management systems. IEEE security & Privacy, (5), 35-41.

Brown, S., Gommers, J., & Serrano, O. (2015, October). From cyber security information sharing to threat management. In Proceedings of the 2nd ACM workshop on information sharing and collaborative security (pp. 43-49). ACM.

Cassidy, A. (2016). A practical guide to information systems strategic planning. Auerbach Publications.

Chen, Y. A. N., Ramamurthy, K. R. A. M., & Wen, K. W. (2015). Impacts of comprehensive information security programs on information security culture. Journal of Computer Information Systems55(3), 11-19.

Creswell, J. (2012). Qualitative inquiry and Research Design: Choosing among Five Approaches. SAGE Publication

Eisen, O., & Pandich, S. G. (2016). U.S. Patent No. 9,396,331. Washington, DC: U.S. Patent and Trademark Office.

Eriksson, J. (2017). Threat Politics: New Perspectives on Security, Risk and Crisis Management: New Perspectives on Security, Risk and Crisis Management. Routledge.

Feng, N., Wang, H. J., & Li, M. (2014). A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Information sciences256, 57-73.

Galliers, R. D., & Leidner, D. E. (2014). Strategic information management: challenges and strategies in managing information systems. Routledge.

Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialization, influence, and cognition. Information & Management51(1), 69-79.

Laudon, K. C., & Laudon, J. P. (2015). Management information systems (Vol. 8). Prentice Hall.

Lowry, P. B., Dinev, T., & Willison, R. (2017). Why security and privacy research lies at the centre of the information systems (IS) artefact: Proposing a bold research agenda. European Journal of Information Systems26(6), 546-563.

Kavanagh, K. M., Rochford, O., & Bussa, T. (2015). Magic Quadrant for security information and event management. Gartner Group Research Note.

Lim, K. (2016). U.S. Patent No. 9,407,662. Washington, DC: U.S. Patent and Trademark Office.

Miller, D. R., Harris, S., Harper, A., VanDyke, S., & Blask, C. (2010). Security Information and Event Management (SIEM) Implementation (Network Pro Library). McGraw Hill.

Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2016). Managing and Using Information Systems, Binder Ready Version: A Strategic Approach. John Wiley & Sons.

Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications. Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.