Is Security Information Event Management (SIEM) Dead?

Yes, yes it is.

The Noise

Security information and event management (SIEM) provides network administrators with the security logs that are necessary for detecting and responding to cyber threats in real time. Administrators in charge of a SIEM typically have to respond to hundreds if not thousands of security events and alerts on a daily basis. SIEMs are traditionally difficult to configure and require ongoing tuning to limit the noise and eliminate false positives. Even in an enterprise landscape, resources for SIEM management are inadequate and proper SIEM management falls short, severely affecting a company’s security posture.

The Fatigue

SIEM administrators also suffer from alert fatigue, which is a source of error and talent attrition. When an analyst is dedicated to pure alert triage, the work can be mind-numbing and dull valuable skills. Many talented analysts will pursue other roles. Another consequence of alert fatigue is human error. It’s easy for someone to miss one step in a triage process that’s done tens or hundreds of times each day.

The Cost

Deploying and managing a SIEM is costly. On average, the security experts who perform these functions earn about $100,000 a year, and that doesn’t factor in the upfront expenses associated with deploying a SIEM. An average enterprise spends roughly $500,000 on the cost of technology, an average of $100,000 per head for managers, $90,000 for ongoing maintenance and roughly $200,000 in additional expenses. The cost of a SIEM can easily exceed $1 million each year.

Many organizations look to traditional managed security service providers (MSSPs) to manage their SIEM as a service, but complex solutions can be costly for mid-market organizations, and outsourced managed security is still too expensive for many of the smaller firms.

With the transformation of IT and the ongoing escalation of advanced threats, smaller companies are at a tremendous disadvantage. They have their backs against the wall financially, they don’t have the in-house resources or expertise necessary for ongoing, daily monitoring, and most won’t see a return on investment. More importantly, inadequate SIEM management or the lack of threat monitoring leaves businesses wide open to attacks.

The Real Problem

Cybersecurity is a mandatory operational expense in today’s cyber threat landscape. However, it’s one that isn’t delivering dividends for enough organizations, as there appears to be a disparity between what businesses are paying for and what they’re actually getting. Most SMBs are unaware of the importance of real-time threat detection and tend to believe that a firewall, local tech support, and anti-virus solutions are good enough, so the threats become breaches and companies (people) suffer. It’s estimated that cyber damages will reach $6 trillion by the year 2021.

When a product or solution no longer adds more value than the costs associated with it, that solution is usually at the end of its life cycle. SIEM has reached its end and is now a true legacy model. RIP.

The Replacement

It’s not surprising that, as of 2016, nearly 70 percent of companies were actively looking for ways to slash their SIEM management costs. While SIEM is gasping its last breath, the managed service model is growing up and reaching maturity. Gartner predicts that by 2020 more than 70 percent of security will be deployed through managed security models that provision people, process and technology to combat the sophisticated ramp-up of global cyber threats. By deploying next-generation managed Security Operation Center (SOC) solutions, companies of all sizes can drastically cut costs and greatly benefit from real-time threat management and response without having to skip a beat.

The SOC-as-a-Service model has proven to be an extremely cost-efficient and effective tool for enhancing overall security posture. With SOC-as-a-Service, you maintain all the benefits of your current IT team, whether in-house or outsourced. However, the additional layer of security is managed in a true Security Operation Center, giving an organization’s IT staff the ability to do the following:

  1. Trace the entire lifecycle of a threat.
  2. Have transparency into their own networks.
  3. Manage compliance effectively.
  4. Accurately gauge ROI of the service.


  • A fully managed security operations center

  • People, process and technology to manage cyber risk

  • Real-time Threat Detection and Response.  Analytics, machine learning, threat intelligence and vulnerability scans

  • A dedicated security engineer (DSE) and security team

  • Simple and predictable pricing

  • Superior incident response capabilities

In effect, you significantly scale back your cybersecurity budget while improving the value of your threat detection and response strategy.

About Redbot Security

Redbot Security provides controlled penetration testing, advanced security assessments / compliance audits and managed detection and response (MDR) (SOC-as-a-Service), setting a new standard in cyber security strategies. We identify and remediate threats, risks and vulnerabilities, helping our customers deploy next-gen technology and manage the always-changing cyber threat landscape.

Contact Details

1312 17th St, Suite 521
Denver, Co 80202

Publisher Name
Redbot Technologies