This State of Security Information and Event Management (SIEM) 2022 report surveyed hundreds of cybersecurity and SecOps professionals who use a SIEM to understand their challenges, frustrations, and areas for improvement. We put together a short summary of the report's key findings to share here:
- Most practitioners have patchy coverage of their critical security data
- Alert quality is the #1 hurdle for security teams to get value from their SIEMs
- Most SIEMs in existing environments took longer than 30 days to deploy
- Cloud-native SIEMs are gaining mind-share and will continue to outshine legacy ones
These findings show what we have known for a long time: the shift to the cloud has resulted in an explosion of data that security teams need to collect, analyze, and retain to detect threats. But they are being held back by the limitations of their legacy SIEMs, which are either too costly or too slow to provide meaningful results.
However, every cloud has a silver lining. In this report, we noticed more organizations are adopting a modern SIEM, built and operated in the cloud. With a modern SIEM, security teams can ingest more data than ever before and receive high-quality alerts.
Check out the 2022 report to see how SecOps professionals are keeping up with their existing environment, and what their likely next step is.