How is the SIEM (security information and event management) market evolving? The short answer involves MSSPs needing SIEM tools that support newer technologies, including user & entity behavior analytics (UEBA), security operation and automation response (SOAR), and forensic analysis, researcher Frost & Sullivan said in a new report.
The SIEM market will grow 60 percent to $3.2 billion by 2023, based on the global market analysis forecast. Currently, SIEM providers are zoned in on automated detection and response. But that has to change.
"SIEM vendors are currently focusing on enhancing incident detection and response by employing machine learning to diminish the high rates of false positives generated by SIEM tools," said Mauricio Chede, Frost & Sullivan digital transformation senior industry analyst. "SIEM 3.0, with its high degree of automated response and remediation, can detect malicious threats attempting to penetrate the environment and automatically perform actions to thwart attackers' advances," he said.
In 2018, North America accounted for 65 percent of the SIEM market while Europe, the Middle East and Africa accounted for 20 percent, Asia Pacific made up 12 percent and Latin America four percent, according to Frost & Sullivan. Helping channel partners to develop effective go-to-market strategies to evolve from selling products to solving business problems is a key factor in the market's growth, the analyst said. Other drivers include:
- Automating the platform to increase the reliability of alert analysis and improve security analyst productivity.
- Employing the cloud for multi-tenancy and distributed administrative functions.
- Building a data lake to receive the logs from other security tools and then correlating and analyzing them to block advanced or unknown attacks with less human intervention.
- Ensuring compliance with global and local data protection regulations.