Wonder
Research Outline
Prepared for Aran B. | Delivered February 5, 2020
SIEM Implementation - Challenges
Goals
To identify barriers or challenges companies encounter when implementing cloud-based and traditional SIEM systems.
Early Findings
Cloud SIEM systems are relatively easier to deploy compared to traditional SIEM systems. According to an article by Sumo Logic, they are also known to be cheaper and faster.
Major providers of cloud-based SIEM systems, such as Microsoft and Google, are still relatively lacking in providing all of the connectors needed to pull data from other systems.
A 2019 study by McKinsey identified the lack of preexisting connectors to commonly used cloud SIEM platforms as a major challenge to implementing the security system for SaaS platforms. According to the study, providing relevant connectors will help clients implement their products more quickly, less expensively, and with greater confidence that they are not introducing new security vulnerabilities.
Another study on implementing traditional SIEM systems identified the total sunk cost associated with the process as a challenge for some firms. SIEM systems typically require about six months to set up before they can start to deliver security. Throughout this process, significant infrastructure and personnel costs are incurred in ensuring the success of the system, which add to the final cost of the process.
Gartner Research identified six major difficulties that affect companies when implementing SIEM systems. They include planning failure, lack of sufficient resources, inability to properly define the scope of the project, noise monitoring, insufficient context, and overly optimistic scoping.