by Anton Chuvakin | December 19, 2012 | Comments Off on Services: A MUST for SIEM!
We recently published a set of annual Gartner Predicts 2013. I wanted to draw your attention to one of them “Predicts 2013: Cloud and Services Security.” Specifically, it contains the following prediction: “By 2015, over 30% of SIEM deployments will include service-based event monitoring or SIEM management components, up from less than 5% today.” Think about this for a second: a lot more people will engage professional services to help them RUN, not just DEPLOY, a SIEM. However, this is not the same as managed services, as those organizations will continue to own their SIEM tools.
I won’t spoil it for you here, but here are a few fun quotes (but do read the entire piece – sorry, client-only access)
- “The coming year will see SIEM support services available from a wider variety of providers including infrastructure outsourcers, compliance services specialists, managed security services providers, technology resellers, consulting firms and services organizations of SIEM technology vendors.”
- “IT environments and security monitoring requirements will continue to become complex with the incorporation of mobile technologies, bring your own device (BYOD) and cloud-based services.“ (see this research for additional details)
- “Organizations with very limited resources for security monitoring and SIEM management should plan for external services to support their SIEM use cases from the outset, but seek service providers with sufficient expertise and experience to provide enhanced support as additional use cases are required. “
There you have it – and STOP complaining that your SIEM implementation is “services-heavy”, please.
Somewhat related content:
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.