By the Numbers: Today’s Enterprise SIEM Risks and Threats

By the Numbers: Today's Enterprise SIEM Risks and Threats

So what are the top enterprise SIEM risks facing IT security teams today? What cyber-attack vectors should your enterprise focus on protection for your cybersecurity future? How do you protect your databases and users adequately? 

First, the good news: cybersecurity and SIEM solution providers constantly release reports, surveys, and studies on digital risks. With updated information on the most pressing SIEM risks, your enterprise can make informed decisions on its cybersecurity policies. 

However, this can prove a huge volume of information to sift through and process. Thus we present a compilation of the most pressing and dangerous SIEM risks facing your business today. 

Before we begin, you may wonder whether you should worry about your cybersecurity and SIEM. Surely, hackers won’t target your business! It’s too small or insignificant!  Also, your industry doesn’t collect the kind of information hackers would find valuable!

Unfortunately, this represents delusional thinking. According to Switchfast Technologies, 60% of small to medium-sized businesses (SMBs) must shutter operations within six months of suffering a data breach. Yet 46% of all SMBs will become the victim of a data breach. 

Therefore, these numbers may become incredibly relevant to your enterprise’s future. Best pay attention now.         

By the Numbers: Enterprise SIEM Risks

SIEM Risks According to Gartner 

  • 83 percent of enterprises utilizing third-party services discover a cyber risk after conducting due diligence. 
  • Of the risks discovered through due diligence, 31 percent presented potential material impact.  

According to Gartner, practicing due diligence with your cybersecurity can help detect threats not evident at first examination.  

Risks According to Exabeam and the Ponemon Institute

  • Cybersecurity professionals spend 25 percent of their time chasing false positives.
  • IT security teams must address around 4,000 security alerts a week.
  • 46 percent of less effective SOCs complain of slight understaffing. 
  • On average, understaffed SOCs need anywhere between six and ten employees. 

In other words, you need a next-generation SIEM solution which can help reduce the number of alerts and false positives. Capabilities like contextualization and automated investigations can help.   

According to Willis Towers Watson and ESI ThoughtLab

  • Firms and enterprises lose $4.7 million to cybercriminals annually. 
  • 10 percent of firms lose more than $10 million due to cyber attacks.
  • The percentage of enterprises suffering from cybercriminals’ attack tactics increased from 57 percent to 71 percent.

This study highlights two important considerations concerning SIEM risks. First, it highlights just how much money you may put at risk by neglecting your cybersecurity. Meanwhile, the second illustrates that these issues will never go away. If anything, the digital dangers only appear poised to increase.    

According to the Verizon 2019 Data Breach Investigations Report

  • Ransomware constitutes almost 24 percent of security incidents.
  • External threat actors contribute 69 percent of all breaches.
  • Insider threats contribute 34 percent of breaches.

SIEM risks don’t just begin from the digital perimeter. You need to use your threat detection and alerts to watch for insider threats and malware alike. 

According to Gurucul

  • Over 70 percent of all enterprises possess a vulnerability to insider threats.
  • 40 percent of enterprise respondents said they can’t detect either an insider threat during or after it moves data outside the network.
  • Only 36 percent can detect an insider threat in real-time.
  • One-third of IT professionals focus on reacting to insider threats rather than proactive prevention. 

Here, we find another report which emphasizes the threat from insider threats. However, this also highlights the importance of incident response and full network security monitoring in your SIEM. Above all, you can’t afford to lose track of potential SIEM risks and insider threats in your network. 

According to Exabeam 

  • 57 percent of enterprises remain unfamiliar with cryptojacking.
  • 47 percent of cybersecurity professionals don’t feel confident about detecting or preventing cryptojacking or shadow mining with their current cybersecurity policies or tools.

Here, Exabeam demonstrates the importance of continuous next-generation threat intelligence. Without knowing what you need to defend against, how can your cybersecurity hope to keep up with SIEM risks? 

SIEM Risks According to Positive Technologies

  • 2018 saw three times the number of web application security vulnerabilities compared to 2017.
  • On average, each web application contained 33 vulnerabilities.
  • Simultaneously, an average of 6 out of 33 vulnerabilities qualifies as high severity.

Web applications constitute a major vulnerability in your network and cybersecurity risk. Therefore, you need a SIEM solution that can monitor and defend against such threats.  

According to BAE Systems Applied Intelligence

  • 71 percent of enterprises surveyed said they experienced a phishing incident. 
  • 66 percent of surveyed enterprises responded to anywhere between 1 and 25 cybersecurity incidents per month.
  • 65 percent of incidents started with an untargeted virus or malware attack.

Cybersecurity matters not just to your safety but also to your workflows and reputations. Above all, you need to address the dangers and SIEM risks facing your enterprise. You can get started by downloading our 2019 SIEM Buyer’s Guide. Alternatively, you can check out our Vendor Map.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner