

Our “Security Information and Event Management Futures and Big Data Analytics for Security” Paper Publishes

by Anton Chuvakin  |  January 21, 2014  |  4 Comments

All the big data for security research I did last year has finally condensed into a published paper. Please enjoy “Security Information and Event Management Futures and Big Data Analytics for Security,” which focuses on two things: outlining SIEM futures and analyzing the use of big data technologies and approaches for security. The abstract states: “Organizations with lean-forward security programs complement their SIEM tools with custom-built big data platforms and utilize advanced analytics for security. This assessment predicts the directions for SIEM technology and analyzes the use of big data for security today and in the near future.”

A few fun random quotes follow below:

  • “SIEM tools have been, and are expected to remain, a central point for security monitoring within most large organizations, even though they are not explicitly mandated by any regulations.”
  • “The noise about big data for security has grown deafening in the industry, but the reality lags far, far behind. As many organizations continue to struggle with utilizing traditional security analysis tools, such as SIEM tools, the expectation that they will magically adopt big data technologies and approaches is simply unrealistic.”
  • “Big data use for security will continue to be populated by the most advanced, mature, Type A organizations for the near future. Security may well be becoming a big data problem, but riding that big data wave will stay difficult and expensive for most organizations, at least for the next one to two years.”
  • “Before embarking on a big data project, carefully review the needs and assess whether they really require a big data approach rather than a traditional set of COTS tools.”
  • “Start from analysis of existing data: No new data! Explore datasets in SIEM, NFT, ETDR, etc. tools. Expand to new data types gradually, after you master your existing data and acquire necessary analytical skills.”
  • “Do not buy any new tools, especially those labeled ‘big data,’ before analysis goals are set and needs are clear. Do not pay for the ‘glamour’ of big data if there is low chance of benefiting from the investment.”

A GTP subscription is required for access; for those without one, here are some links from my research that resulted in this paper.

Related posts on the topic of big data for security:


Anton Chuvakin
Research VP and Distinguished Analyst
5+ years with Gartner
17 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist…

