Two-thirds (65 percent) of senior security professionals at Global 5000 and federal organizations say traditional Security Information and Event Management (SIEM) products no longer provide enterprises and government agencies with the ability to tackle modern cyber threats and insider attacks.
According to a survey by eIQnetworks, while point SIEM products provide useful data, they lack visibility across a broader set of security elements needed to detect the increasing number of data breaches and other successful cyber attacks on corporate and government enterprises.
As a result, these products fail to provide timely and accurate actionable information that would quickly allow them to identify an attack while it is taking place, and enable security professionals to repel or mitigate the attack before significant damage is done.
John Linkous, vice president and chief security and compliance officer at eIQnetworks, explains, “Just as signature-based technologies long ago stopped being the only effective line of defense for enterprise and government networks, the SIEM approach of relying entirely on logs and other event-based information to effectively address modern enterprise threats is now dead, as well. The tremendous number of successful, advanced persistent attacks in the last six months have demonstrated that SIEM products alone simply do not provide the capability for security analysts and system administrators to timely and accurately identify an attack, and take action in real time.”