SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.

Dawn Kawamoto, Former Associate Editor, Dark Reading

September 27, 2017

8 Slides

Infosec professionals working with security information and event management (SIEM) systems may find themselves in a love-hate relationship – they love the concept of the SIEM's incident response capabilities, but hate their potential fist-full of problems and surprises, according to a presentation this week at the ISC(2) Security Congress convention in Austin, Texas. 

More than half of SIEM users are displeased with the intelligence they glean from the technology, according to a presentation by Cyphort, which sponsored a SIEM survey by the Ponemon Institute and one from Osterman Research. Both surveys collectively represented nearly 1,000 enterprise SIEM users, says Franklyn Jones, Cyphort's chief marketing officer, who gave the presentation.

Here are seven major problems SIEM users face, according to Cyphort's presentation and, based on interviews with Dark Reading, solutions offered by a Forrester Research analyst, and various SIEM vendors.

About the Author(s)

Dawn Kawamoto

Former Associate Editor, Dark Reading

Dawn Kawamoto was formerly a Associate Editor for Dark Reading, where she covered cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's News.com, TheStreet.com, AOL's DailyFinance, and The Motley Fool. More recently, she served as associate editor for technology careers site Dice.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights