IT Survey: 69% of Enterprises Plan to Slash SIEM Costs

SIEM-Predictions-For-2015IT auditing software provider Netwrix Corporation has released the results of the 2016 SIEM Efficiency Survey, a collection of opinions from 234 large enterprises that use SIEM solutions for security and IT infrastructure monitoring.

Security Information and Event Monitoring, or SIEM solutions, as we well know,  are complex systems that require thorough maintenance and support, which can often skyrocket expenses.

The need to hire and train more SIEM analysts is named as the main factor that significantly influences the total cost of SIEM ownership. It earned the highest score (4.8) in the rating of expenses. In addition, 69% of respondents already consider options that would help them reduce SIEM bills for maintenance and licensing.

Other findings of the survey show:

  • SIEM is necessary for better security threat awareness. According to 67% of IT pros, the ability to detect security threats in real time is the top driver for deploying SIEM. Other popular reasons include more efficient root-cause analysis and incident investigation caused by unwelcome changes (61%), and streamlined compliance reporting (50%).
  • Excessive data might be worse than lack of data. SIEM reports containing too much noise data continue to bother about 81% of users, compared to 75% revealed in theprevious survey held in 2014. Reports demonstrate the disparate array of raw logs that complicate understanding of who did what, when and where. However, 68% (61% in 2014) claim that SIEM reports don’t provide enough information, such as before and after values of the changes.
  • Reports are difficult to understand. When it comes to passing compliance audits or validating internal security policies, 65% of respondents regularly face issues with finding necessary audit data upon request. Also, 63% of respondents (55% in 2014) see difficulties in understanding the reports, and 57% of respondents have to manually adjust data to make the reports understandable to non-tech stakeholders.
  • Additional solutions are able to fill the gaps. About 55% of enterprises rely on human resources and prefer to hire additional SIEM analysts. While 41% opt for SIEM integration with third-party solutions. Which in turn makes 86% of these companies happy about using IT auditing as a third party solution to overcome SIEM drawbacks.

“In the past few years, SIEM solutions have become a cornerstone of organizations’ security policies. Although SIEM solutions are widely used in the enterprise sector, the study shows that companies are not completely satisfied with the high costs and level of visibility provided by SIEM,” said Alex Vovk, CEO and Co-Founder of Netwrix. “The tendency we see today is that most companies are not ready to put up with considerable expenses and limitations. The companies are looking for ways to solve this problem and finally understand what is going on in their IT infrastructures. IT auditing can become a perfect solution to overcome these drawbacks and provide complete visibility, while decreasing IT costs.”

Widget not in any sidebars
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published. Required fields are marked *