TECH SUPPLIER Mar 2023 - IDC Survey - Doc # US50436623
SIEM and Mature Versus Less Mature Security Operations: Differences Between Novices, Apprentices, Veterans, and Pacesetters
This IDC Survey examines results from IDC's Security Operations Center Survey, which was conducted in December 2022 in the United States. The goal was to characterize the maturity of the security operations and understand actions related to the security information and event management (SIEM) platform in relation to maturity. Respondents are from a broad range of industries and company sizes.
Key findings from the survey include:
- The mature pacesetters are more likely to use SIEM than less mature groups; user behavioral analytics, incident investigation, and threat hunting are the top use cases for SIEM among all respondents.
- 89% of respondents see more than 100 alerts per day; the larger the organization, the greater the number of alerts due to the oftentimes larger IT environment.
- SIEM is hard. 41% of security teams report they reconfigure their SIEM due to broken detection rules at least once per month and 29% have a minimum of four full-time staff on their detection engineering teams.
- Over 75% of respondents are actively automating IT security workflows, but 52% of those automating report that automation is harder and is taking longer than expected.
"Maturity does not correlate to the size of the organization, the size of the IT security team, or the size of the IT security budget," said Michelle Abraham, research director, Security and Trust at IDC. "Our survey found mature security practices and operations are present across the spectrum of organizations."
SIEM and Vulnerability Management
Authentication, Endpoint security, Intrusion detection system, Security information and event management
- 40 slides
When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.