8 ways to get more life out of an old SIEM

As the COVID-19 pandemic drags global economies to a halt, enterprises are having to tighten their belts across the board, including in IT. In May Gartner predicted that worldwide IT spending will decrease by 9% in 2020 compared to last year. According to a Barracuda survey released in May, 40% of companies have cut their cybersecurity budgets as a cost-saving measure to help tackle the COVID-19 crisis.

This means that cybersecurity teams might postpone planned upgrades to core security systems, such as security information and event management (SIEM) platforms. SIEMs are the heart of many enterprise security operations centers, pulling in security-related data from throughout the enterprise and helping security analysts identify threats.

As SIEMs age, companies start to see problems. Older platforms have a hard time ingesting and processing data from new sources, such as hybrid and cloud architectures and SaaS applications. They may also not have the latest analytics tools to spot suspicious behaviors or prioritize threats based on potential impact.

Older SIEMs may also have limits on how much information they can ingest economically, forcing companies to limit their visibility. Meanwhile, the threats aren’t going away. Evidence shows that attackers are taking advantage of the pandemic to step up their activities.

Read full article at CSO magazine.