Security information and event management (SIEM) has been “reserved” for large enterprises for a long time, and vendors have therefore largely ignored smaller customers. “Smaller customers” are medium enterprises and mid-market companies, according to various definitions and brackets, and they range from a hundred to more than a thousand employees.
But the problems that SIEM solves are problems that these SME/mid-market organizations have as well.
What Problems of the SME/Mid-Market Organizations Do SIEMs Solve?
A SIEM lets a company:
- Cover compliance requirements – Regardless of geography, at least one cybersecurity regulation or standard applies to mid-market organizations and compliance is a heavy burden on technical and compliance teams. We have prepared requirement mappings for a number of regulations and standards to make compliance-based decisions easier.
- Gain partner trust – Partners prefer to work with companies that have covered their bases. If a company wants to work with or service large partners, it needs to prove its security posture, and having a SIEM is usually on the checklist, in part because large enterprises are used to centralized security monitoring.
- Reduce cyber risk – SMEs are the most heavily affected by cyber incidents and there’s a 50% chance of going out of business within 2 years of a significant breach. SIEM significantly reduces that risk by giving SMEs the ability to detect threats and react in a timely manner.
- Prevent insider threats – Malicious or disgruntled insiders pose a risk to each company’s operations and data. Behaviour monitoring and analytics that are part of SIEM are key for preventing insider abuse.
What Are the Key Reasons That Have Prevented SME/Mid-Market Organizations from Adopting a SIEM?
While these problems, and the fact that solutions like SIEM exist, are well understood by many in the mid-market and SME segments, several obstacles have prevented these organizations from adopting a SIEM. We at LogSentinel specifically addressed these obstacles so that smaller organizations can get value from a SIEM deployment:
- “It’s too expensive” – Our pricing is based on the organization size and is much more affordable than most SIEMs. With that in mind, ROI based on saved IT effort and reduced risk is a no-brainer.
- “It’s too complicated” – LogSentinel SIEM makes both deployment and use simple through our product-guided implementation and easy-to-use features.
- “We don’t have a security team” – LogSentinel SIEM doesn’t require a security team. It can help the IT department in addressing security concerns without the need for new hires, or alternatively, its management can be outsourced to a managed security service provider.
- “It doesn’t solve the biggest issues” – SIEM is usually thought to be about “passive monitoring”, but LogSentinel’s next-gen SIEM keeps you safe from the most pressing issues – phishing, ransomware, and credential leaks – and lets you actively hunt threats and respond to new ones in an automated or semi-automated way.
Some industries are more affected than others – both in terms of threats and in terms of regulations. This is where the most demand for adequate security solutions is – finance, insurance, healthcare, government, critical infrastructure, and e-commerce. But that doesn’t mean others are running risk-free.
Bozhidar Bozhanov is co-founder and the CEO at LogSentinel. He is a senior software engineer and solution architect with 15 years of experience in the software industry. Bozhidar has been a speaker at numerous conferences and is among the popular bloggers and influencers in the technical field. He’s also a former government advisor on e-government, transparency and information security.