Key Findings: SIEM Mid-Market Analysis from Frost & Sullivan


In these rough-and-tumble days of data breaches, we tend to look to the largest enterprises as examples. This makes sense to a certain degree; data breaches at the largest enterprises tend to be the most attention-grabbing and the most devastating. Additionally, we tend to follow the SIEM cybersecurity market as it relates to the corporate giants and how it protects their networks.

This again is understandable, but leaves open the question: what about the mid-market enterprises and organizations? What about the medium-sized retailers, manufacturers, and municipalities?

To answer these questions, the analysts of Frost & Sullivan prepared the executive brief “Security Information and Event Management (SIEM) Mid-Market Analysis” for SIEM solution provider AlienVault. We read through this brief, available for free courtesy of AlienVault, and pulled out some key findings on the SIEM requirements of mid-market enterprises.

These include:

Mid-Market SIEM Requirements

Frost & Sullivan found that mid-market SIEM needs to focus on three major areas:

  • Compliance
  • Formalized Storage (including data normalization and log recall, essential for proper security event analysis)
  • Forensics investigation via access to all related directory groups, operating systems, and applications.    

However, there may be a fourth capability not explicitly labeled by Frost & Sullivan: integration. Although the analysts state that SIEM vendors compete with other security analytics solutions such as vulnerability management, network access control, intrusion detection systems, threat intelligence, and threat sensing to secure the mid-market, the relation may be more symbiotic.

When a SIEM is integrated with another solution or with advanced threat detection, mobile device management, or a firewall, both the SIEM and the platform with which it’s integrating become more efficient. The implication is that mid-market enterprises benefit from an integrated cybersecurity platform incorporating different priorities and capabilities. Each system can inform and alert the others on potential threats, which is especially important for zero-day threats or penetrative attacks.

The SIEM Mid-Market Competitive Environment

Frost & Sullivan listed the competitive factors for mid-market enterprise SIEM solutions:

  • Compliance Reporting and Auditing
  • Threat Prioritization
  • Extensibility
  • Access to Tech Support/Customer Service

They also listed the possible deployment options for a SIEM solution, including cloud-based, managed detection and response (MDR), SIEM-as-a-service, co-managed SIEM, and all-in-one appliance.

With these established, Frost & Sullivan gave their top competitors in SIEM for mid-market enterprises: AlienVault, SolarWinds, Alert Logic, Arctic Wolf, EventTracker, and LogRhythm.

What’s at Risk For the Mid-Market?

Recently, identity and access management solution provider CA Technologies revealed their own commissioned Frost & Sullivan report: “The Global State of Online Digital Trust.” The aim of this study was to quantify the oft-cited connection between data breaches and loss of consumer trust.

They found:

  • 48% of consumers stopped using the services of at least one enterprise due to a data breach.
  • 48% of enterprises were involved in a publicly disclosed data breach.
  • 59% of enterprises report moderate to strong long-term negative impact to business results after a breach.
  • 86% of consumers prefer security over convenience.

A large or global enterprise might be able to weather these negative effects of a data breach…but a mid-sized enterprise could be seriously and permanently damaged by them. The truth is obvious: mid-sized enterprises need a SIEM solution to call upon in these dangerous digital times.

If you would like to read the Frost & Sullivan “Security Information and Event Management (SIEM) Mid-Market Analysis” in full, you can download a free copy here courtesy of AlienVault.


Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.