
7 SIEM Situations That Can Sack Security Teams

SIEMs are considered an important tool for incident response, yet a large swath of users find seven major problems when working with SIEMs.
Expenses are More Than Expected
Configuration and Maintenance are Complex
Staffing Costs Higher Than Expected
Generates a Wall of Noise
Lacks Adequate Visibility into Network Traffic
More Long-Term Storage is Needed
Task Automation is Often Missing

Infosec professionals working with security information and event management (SIEM) systems may find themselves in a love-hate relationship: they love the concept of the SIEM's incident response capabilities, but hate its potential fistful of problems and surprises, according to a presentation this week at the ISC(2) Security Congress convention in Austin, Texas.

More than half of SIEM users are displeased with the intelligence they glean from the technology, according to a presentation by Cyphort, which sponsored a SIEM survey by the Ponemon Institute and one from Osterman Research. Together, the two surveys represented nearly 1,000 enterprise SIEM users, says Franklyn Jones, Cyphort's chief marketing officer, who gave the presentation.

Here are seven major problems SIEM users face, according to Cyphort's presentation, along with solutions offered by a Forrester Research analyst and various SIEM vendors in interviews with Dark Reading.

 