Blog post

Services: A MUST for SIEM!

By Anton Chuvakin | December 19, 2012 | 0 Comments


We recently published a set of annual Gartner Predicts 2013. I wanted to draw your attention to one of them “Predicts 2013: Cloud and Services Security.” Specifically, it contains the following prediction:  “By 2015, over 30% of SIEM deployments will include service-based event monitoring or SIEM management components, up from less than 5% today.” Think about this for a second: a lot more people will engage professional services to help them RUN, not just DEPLOY, a SIEM. However, this is not the same as managed services, as those organizations will continue to own their SIEM tools.

I won’t spoil it for you here, but here are a few fun quotes (but do read the entire piece – sorry, client-only access)

  • “The coming year will see SIEM support services available from a wider variety of providers including infrastructure outsourcers, compliance services specialists, managed security services providers, technology resellers, consulting firms and services organizations of SIEM technology vendors.”
  • “IT environments and security monitoring requirements will continue to become complex with the incorporation of mobile technologies, bring your own device (BYOD) and cloud-based services.“ (see this research for additional details)
  • “Organizations with very limited resources for security monitoring and SIEM management should plan for external services to support their SIEM use cases from the outset, but seek service providers with sufficient expertise and experience to provide enhanced support as additional use cases are required. “

There you have it – and STOP complaining that your SIEM implementation is “services-heavy”, please.

Somewhat related content:

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed