SIEM Perceptions Adoption

After a year of remote work that has seen several high profile and impactful cybersecurity breaches make headlines, have tech leaders turned to security information event management (SIEM) tools as a way to bolster their security posture?

Pulse surveyed 248 tech leaders to understand:

Download our report on the

SIEM Perceptions Adoption

Download PDF

Data collected from April 21 - May 19, 2021

Total respondents: 248

While most have deployed a SIEM tool, those who haven’t aren’t rushing to adopt one

Almost two-thirds (65%) of decision-makers are deploying SIEM in their organization: Will this change the minds of the 35% who aren’t?

Not anytime soon apparently, as most (66%) of those currently not deploying SIEM have no plans in place to do so. Those that do have a plan mostly won’t deploy for at least 7 months (24%).

But those who haven’t deployed SIEM may want to reconsider …

85% of those who have added SIEM to their security stack are more satisfied with their security since SIEM adoption.

And an overwhelming 96% report that threat detection has improved since SIEM deployment.

For deployment, most (49%) used a managed security services provider (MSSP) for setup and then internal management. Over a third (35%) deployed internally without an MSSP.

However, costs are a major perceived downside to SIEM products

Decision-makers perceive costs (69%), skills requirements/training (57%), and problems defining data from the noise (50%) as the main disadvantages of SIEM products.

In fact, looking closer at costs, over a quarter (26%) of decision-makers say that SIEM products cost significantly more than they would like to spend. Only 6% describe the average price point as fair.

Leaders want faster threat detection and a boost to security operational efficiency from SIEM products—while the business will see enhanced cybersecurity risk management

The top desired benefits of SIEM include faster threat detection (68%), increased security operations efficiency (64%), and centralized visibility (61%), according to decision-makers.

Outside of IT, the business benefits from SIEM deployment mostly through enhanced cybersecurity risk management (78%), increased visibility (55%), and compliance (54%).

SIEM is currently best suited to defend against D/DDoS attacks, but next generation SIEM technology should focus on complex threat detection

Decision-makers believe that SIEM products are best suited for detecting Denial of Service-type attacks (D/DDoS) (54%), followed by malicious insider threats (49%) and web-based attacks (49%).

Tech leaders highlight complex threat identification (36%) as the most critical capability for latest generation SIEM technology, followed by security orchestration, automation and response (SOAR) (24%), and user and entity behavior analytics (UEBA) (20%).

SIEM products should include intelligent and automated features to appeal to decision-makers—and vendors should explore lower costs and implementation assistance to stand out

As for features leaders would like to see in a SIEM product, intelligent threat detection (73%) is the most desirable, followed by automated notifications (55%) and threat prioritization (50%).

From SIEM vendors, decision-makers want to see lower costs (54%), implementation assistance (51%), and realistic product expectations (51%).

Respondent Breakdown


SIEM Perceptions Adoption

Download PDF

About Pulse

Pulse is a social research platform trusted by technology leaders around the world. These leaders rely on the community to make connections, share knowledge, get advice, and stay on top of current trends in the technology space. The questions, polls, and surveys posted in the platform are curated in Pulse's One-Minute Insight reports, which reflect what technology leaders care about right now—and in the rapidly evolving world of software, real-time data and insights in what matters most.