• United States



They missed the ‘SIEM is Dead’ memo

Oct 04, 20112 mins
Data and Information Security

This morning’s acquisition news from McAfee and IBM illustrates why it’s unwise to declare things dead.

You might remember last month when eIQnetworks released the results of a survey in which respondents backed their claim that SIEM was dead. The press release went like this:

Two-thirds [65 percent] of senior security professionals at Global 5000 and federal organizations say traditional Security Information and Event Management (SIEM) products no longer provide enterprises and government agencies with the ability to tackle modern cyber threats and insider attacks.

According to a recent survey conducted by eIQnetworks, while point SIEM products provide useful data, they lack visibility across a broader set of security elements needed to detect the increasing number of data breaches and other successful cyber attacks on corporate and government enterprises.

As a result, these products fail to provide timely and accurate actionable information that would quickly allow them to identify an attack while it is taking place, and enable security professionals to repel or mitigate the attack before significant damage is done.

This morning, news of two big acquisitions throw water on that whole argument.

McAfee announced its acquisition of NitroSecurity, specifically singling out its SIEM prowess as the reason.

Minutes later, IBM announced the acquisition of Q1 Labs, whose arsenal of products includes SIEM technology.

Either SIEM isn’t dead after all, or these vendors have gone into the cadaver-collecting business.

–Bill Brenner

one-stop view of latest business threats. We created it for you! Bookmark it! Use it!

CSO’s Daily Dashboard gives you a

Sign up today.

Get your morning news fix with the daily Salted Hash e-newsletter!