infoTECH Feature

September 21, 2011

eIQnetworks: 65 percent of Security Professionals Say SIEM is Dead

Cyber-attacks and insider threats are becoming more common, and they are hard to trace. To counter these threats, organizations need to share information continuously, keep logging clean, and keep an eye on employees and monitoring alerts.

eIQnetworks, the developer of SecureVue, a revolutionary new security platform serving some of the largest enterprises around the world, including government, financial, telecommunications, retail and healthcare, has conducted a survey on cyber-attacks.

According to a press release, nearly two-thirds [65 percent] of senior security professionals at Global 5000 and federal organizations say traditional Security Information and Event Management (SIEM) products no longer provide enterprises and government agencies with the ability to tackle modern cyber threats and insider attacks.

The survey states that SIEM products offer useful data but they lack visibility across a broader set of security elements required to detect the growing number of data breaches and other successful cyber-attacks on corporate and government enterprises.

John Linkous, vice president and chief security and compliance officer at eIQnetworks, explains, "Just as signature-based technologies long ago stopped being the only effective line of defense for enterprise and government networks, the SIEM approach of relying entirely on logs and other event-based information to effectively address modern enterprise threats is now dead, as well. The tremendous numbers of successful, advanced persistent attacks in the last six months have demonstrated that SIEM products alone simply do not provide the capability for security analysts and system administrators to timely and accurately identify an attack, and take action in real time."

As a result, these products fail to provide the timely, accurate and actionable information that would allow security professionals to quickly identify an attack while it is taking place and to repel or mitigate it before significant damage is done.

"Our survey suggests that security professionals are looking for a new approach to securing large distributed networks that gives security analysts visibility of all security and compliance data - not just logs and events - in a unified view via a single, integrated console. It also appears that they are not alone in this opinion – Gartner released a research note in July, ‘Delivering Situational Awareness’, highlighting the need for situational awareness in large distributed networks."


Mandira Srivastava is a TMCnet contributor. She works as a full-time writer, ghostwriter and blogger, and has more than two years of experience in print and Web media. She has also worked on company brochures, website content and product descriptions, as well as proofreading and editing content. To read more of her articles, please visit her columnist page.

Edited by Rich Steeves