IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

What SIEMs to be the problem?

Thanks to some big acquisitions in the SIEM space, the industry is going to change dramatically in appearance. Tom Brewster explores why...

Security

COMMENT In the space of a few hours, two big announcements from the security information and event management (SIEM) industry hit yesterday.

Intel-owned McAfee decided it wanted a piece of the pie so it snapped up Nitro Security.

Meanwhile, IBM joined the party by agreeing to acquire Q1 Labs a company which was adamant it was not for sale just 12 months ago.

Last year, HP spent an absolute fortune on getting its mitts on ArcSight - a company then (and still) ranked as the market leader.

This would all indicate the SIEM industry is rather big one. The irony is, these three major acquisitions may actually herald the end of the SIEM market as we know it.

It's not an industry, it's a feature

In all three acquisitions noted above, the acquired party has or will see its technology rolled into a bigger package. In the case of Q1 Labs, it will form part of an entirely new division within IBM. Recently-appointed CEO of Q1 Labs, Brendan Hannigan, will even head that division once the deal goes through.

Everyone knows that SIEM is just one layer of what companies would need for effective protection, but these recent acquisitions have indicated SIEM is not an industry on its own. With these big deals came an acceptance that SIEM is really just a feature.

During a press conference yesterday, Hannigan even admitted that SIEM was just a part of what he called "security intelligence."

"The end point is security intelligence which is broader than SIEM," Hannigan told IT Pro.

"Firms that focus just on log management and event correlation will be limited. Security intelligence is the key."

Hannigan said the best way for Q1 Labs to provide its services to end customers was to through a larger vendor in this case IBM. "We will be able to offer significantly better solutions than we could have done before," he added.

Put simply, expect the rest of the SIEM industry to be gobbled up by tech giants in the coming months. Their products will also be rolled into existing, wider ranging security offerings, leaving the sector looking rather thin.

Just like deduplication in storage, SIEM is just a piece of a larger pie that vendors won't be able to rely on as a sole selling point in the future.

What will Symantec do?

So HP, IBM and McAfee have all joined the party. That leaves one notable absentee: Symantec.

Earlier this week, Symantec CEO Enrique Salem said his company was considering spending another $1 billion on acquisitions. However, Salem did not mention the SIEM, or security intelligence, segment. Instead he focused on mobile, virtual spaces and the cloud.

Nevertheless, with chief rival McAfee making a splash yesterday, Symantec will be keen to show it isn't off the pace.

Of course, Symantec already has a product in the area the unimaginatively titled Security Information Manager.

But to consolidate its dominance of the security landscape, it will want to have the best of breed in the intelligence space. With others acquiring some impressive companies, Symantec would do well to show it wants to be a serious player in this space.

So who could it be looking at? Rapid7 is one growing company in this area. Just today it announced it was expanding into Europe with a new base on the continent.

However, it didn't appear on Gartner's SIEM Magic Quadrant from earlier this year. Now that Q1 Labs and NitroSecurity have been snapped up, the best option from Gartner's rankings appears to be LogLogic.

It is still a relatively small comoany, with just 150 employees, but that might make it even more attractive for a prospective buyer, given how highly rated the company is.

Symantec has had its options cut thanks to IBM and McAfee, but there's still plenty of choice.

We'll just have to wait and see if Salem will want to splash some of the companies millions (possibly billions) on an intelligence firm. It would be a smart move doing so sooner rather than later.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

McAfee and Visa offer 50% off antivirus subscriptions for small businesses
cyber security

McAfee and Visa offer 50% off antivirus subscriptions for small businesses

25 Jul 2022
IT Pro News In Review: UK 4 day week, ransomware payment rise, IBM cut ties with Russia
Business operations

IT Pro News In Review: UK 4 day week, ransomware payment rise, IBM cut ties with Russia

10 Jun 2022
IBM bolsters cyber security offerings with Randori acquisition
mergers and acquisitions

IBM bolsters cyber security offerings with Randori acquisition

7 Jun 2022
IBM's new z16 mainframe brings two industry-firsts and quantum-proof data encryption
Hardware

IBM's new z16 mainframe brings two industry-firsts and quantum-proof data encryption

5 Apr 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022