Why Complexity Issues Persist in SIEM and Cybersecurity

A recent survey by the Ponemon Institute, sponsored by AttackIQ, highlighted complexity and visibility issues in enterprise cybersecurity. For “The Cybersecurity Illusion: The Emperor Has No Clothes,” Ponemon surveyed 577 IT and IT security practitioners in the United States. It found that although enterprises spend an average of $18.4 million annually on cybersecurity, data breaches persist.

Among the key findings from the Ponemon Institute and AttackIQ:

  • 53% of experts admit to feeling in the dark about how their technologies perform and meet cybersecurity expectations.
  • Additionally, only 39% of respondents feel they get the full value from their security investments. 
  • Only 41% say their enterprise can effectively determine security gaps and close them. 
  • Meanwhile, 56% say data breaches persist due to visibility issues in their networks. 
  • Only 35% say they have a high degree of confidence in visibility in their cloud and IoT devices.   

The Ponemon Institute and AttackIQ cite multiple causes at the heart of these issues. Indeed, enterprises often face a lack of in-house expertise due to the cybersecurity staffing crisis. However, enterprises also face an insidious threat: complexity issues. 

Why Complexity Issues Persist in Cybersecurity  

In part, Ponemon and AttackIQ found complexity issues persist in cybersecurity due to a lack of automation. Only 24% of the respondents say they use an automated solution which could help them close security gaps.

Yet most complexity issues in cybersecurity stem from over-preparing, not under-preparing. On average, respondents say their enterprises deploy 47 separate cybersecurity solutions. Having so many solutions deployed at once does not close cybersecurity gaps. In fact, too many solutions can cause integration issues, which in turn create more cybersecurity gaps.

Instead, enterprises should look for a streamlined cybersecurity and SIEM solution which fits their particular use case. Ideally, this solution should offer next-generation SIEM capabilities like threat detection, security correlation, and log management, as well as scalability. 

You can learn more by reading our 2019 SIEM Buyer’s Guide, which covers the top providers in the field and their key capabilities. You can also check out “The Cybersecurity Illusion: The Emperor Has No Clothes” report by the Ponemon Institute and AttackIQ.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.