Security information and event management (SIEM) tools frequently help organizations simultaneously identify cyber threats and reduce security breaches, according to a survey of cybersecurity professionals conducted by unified protection and threat management solutions provider AlienVault.
Key findings from the AlienVault "2019 SIEM Survey Report" include:
- 86 percent of cybersecurity professionals stated they are satisfied with the effectiveness of their organization's SIEM platform.
- 76 percent said their organization's use of SIEM tools has resulted in a reduction of security breaches.
- 76 percent ranked SIEM as "very important to extremely important" to their organization's security posture.
- 46 percent indicated their organization's SIEM platform detects at least half of all security incidents.
- 40 percent cited a lack of skilled security staff to operate an SIEM platform as the biggest bottleneck to optimize their platform use, followed by the need to manually create or refine rules (34 percent) and lack of budget (34 percent).
- SIEM tools are most commonly used to monitor, correlate and analyze activity across multiple systems and applications (68 percent) and discover external and internal threats (62 percent).
- Over the next 12 months, cybersecurity professionals are focused on improving threat detection (55 percent), proactive hunting for cyber threats (48 percent) and threat investigation and analysis (44 percent).
In addition, 40 percent of cybersecurity professionals expect their SIEM technology budgets to increase over the next 12 months by an average of 20 percent, AlienVault said.
Admittedly, the research can potentially be considered self-serving since AlienVault focuses on SIEM and security-related tools for MSSPs and channel partners. But the data, nonetheless, reveals key SIEM-related trends and perspectives, MSSP Alert believes.
How Can MSSPs Integrate SIEM Tools into Their Portfolios?
AlienVault, which AT&T acquired in mid-2018, offers a partner program that enables MSSPs to incorporate SIEM tools into their portfolios. Other SIEM providers that partner with MSSPs include:
- CyberGuard360: Security monitoring and management company CyberGuard 360 this month launched CyberGlass SIEM 2.0, a new version of its SIEM platform for MSSPs and MSPs.
- Exabeam: The Exabeam Security Management Platform delivers threat detection, user event behavioral analytics (UEBA) and incident response capabilities.
- LogPoint: The LogPoint SIEM solution ingests security data, provides contextual insights into threat intelligence and automatically detects and notifies end users about security incidents.
SIEM tools help organizations quickly collect data, detect and analyze cyber threats and respond to cyberattacks. As such, demand for next-generation SIEM tools is expected to increase.
The global next-generation SIEM tools market could be worth nearly $6.8 billion by 2023, industry analyst Research and Markets stated. Meanwhile, MSSPs that incorporate next-generation SIEM tools into their portfolios could capitalize on this market's growth.