In these rough-and-tumble days of data breaches, we tend to look to the largest enterprises as examples. This makes sense to a certain degree; data breaches on the largest enterprises tend to be the most attention-grabbing and the most devastating. Additionally, we tend to follow the SIEM cybersecurity market as it relates to the corporate giants and how it protects their networks.
This again is understandable, but leaves open the question: what about the mid-market enterprises and organizations? What about the medium-sized retailers, manufacturers, and municipalities?
To answer these questions, the analysts of Frost & Sullivan prepared the executive brief “Security Information and Event Management (SIEM) Mid-Market Analysis” for SIEM solution provider AlienVault. We read through this brief, available for free courtesy of AlienVault, and found some key findings on the SIEM requirements of mid-market enterprises.
Mid-Market SIEM Requirements
Frost & Sullivan found that mid-market SIEM needs to focus on three major areas:
- Formalized Storage (including data normalization and log recall, essential for proper security event analysis)
- Forensics investigation via access to all related directory groups, operating systems, and applications.
However, there may be a fourth capability not explicitly labeled by Frost & Sullivan: integration. Although the analysts state that SIEM vendors compete with other security analytics solutions such as vulnerability management, network access control, intrusion detection systems, threat intelligence, and threat sensing to secure the mid-market, the relation may be more symbiotic.
When SIEM integrated with another solution or with advanced threat detection, mobile device management, or a firewall, both the SIEM and the platform with which it’s integrating become more efficient. The implication is that mid-market enterprises benefit from an integrated cybersecurity platform incorporating different priorities and capabilities. Each system can inform and alert the others on potential threats, especially important for zero-day threats or penetrative attacks.
The SIEM Mid-Market Competitive Environment
Frost & Sullivan listed the competitive factors for mid-market enterprise SIEM solutions:
- Compliance Reporting and Auditing
- Threat Prioritization
- Access to Tech Support/Customer Service
They also listed the possible deployment options for a SIEM solution, including cloud-based, managed detection and response (MDR), SIEM-as-a-service, co-managed SIEM, and all in one appliance.
With these established, Frost and Sullivan gave their Top Competitors for SIEM for mid-market enterprise: AlienVault, SolarWinds, Alert Logic, Arctic Wolf, EventTracker, and LogRhythm.
What’s at Risk For the Mid-Market?
Recently, identity and access management solution provider CA Technologies revealed their own commissioned Frost & Sullivan report: “The Global State of Online Digital Trust.” The aim of this study was to quantify the oft-cited connection between data breaches and loss of consumer trust.
- 48% of consumers stopped using the services of at least one enterprises due to a data breach.
- 48% of enterprises were involved in a publically disclosed data breach.
- 59% of enterprises report moderate to strong long-term negative impact to business results after a breach.
- 86% of consumers prefer security over convenience.
A large or global enterprise might be able to weather these negative effects of a data breach…but a mid-sized enterprise could be seriously and permanently damaged by them. The truth is obvious: mid-sized enterprises need a SIEM solution call upon in these dangerous digital times.
If you would like to read the Frost & Sullivan “Security Information and Event Management (SIEM) Mid-Market Analysis” in full, you can download a free copy here courtesy of AlienVault.
Latest posts by Ben Canner (see all)
- A Conversation with Travis Knapp-Prasek of NCC Group on Phishing Attacks - April 2, 2020
- The Marriott 2020 Breach: What You Need to Know - April 1, 2020
- Business SIEM Advice for After the End of Coronavirus - March 31, 2020