A system securing a computer network having various devices connected thereto. The system includes a security subsystem connected to the devices in the network, a master security system, and a first communication medium connected between the security subsystem and the master security system. The network devices generate event messages when under attack. The security subsystem generates multiple views, each view including a subset of the event messages generated by the devices. The security subsystem includes an event analyzer, which analyzes the event messages across multiple views to determine if any of the associated events exceeds a predetermined threshold. The master security system receives the associated events, which exceed the predetermined threshold, from the security subsystem through the first communication medium.