SIEM’s total cost of ownership

Key considerations

Published October 2016

For security analysts, a flow of security alerts is an inevitable consequence of the digital age. Moreover, as alerts can signal business-impacting incidents, the enterprise’s security staff cannot be complacent. Staff must be relentless in gathering logs, setting alert parameters, assessing alert severity, and then prudently responding to incidents with countermeasures.

This, however, is a demanding responsibility. The broadening range, complexity, and dynamism of the enterprise’s network and systems, combined with a well-armed and motivated hacker community, guarantee that security alerts will increase in volume and diversity.