The Evolution of Data Driven Security
Abstract: Information security has always been a large producer and consumer of data. More sophisticated best practices and expanding compliance and regulatory requirements have almost exponentially accelerated the production and consumption of data. Event and activity logs have grown to Big Data proportions, and the data being consumed has become significantly more varied. As a result, traditional log and event management tools and monitoring practices are becoming increasingly insufficient. This research studies how both management-level and operations-level IT and information security practitioners perceive the change in the volume and types of data available and the tools needed to analyze it and generate actionable threat intelligence. Security analytics tools give practitioners a means to meet their needs for actionable threat intelligence and timely response to attacks, to prevent attacks from becoming breaches. EMA surveyed nearly 300 personnel, comparing and contrasting many of the responses by industry vertical, organizational revenue size, and personnel size. A number of key findings and supporting details were brought to light in the areas of SIEM, security analytics, and APT/ATA defense technologies. The data reveals many other useful points that will aid the IT/security practitioner and management in advancing the security toolset and practices and the impacts of key program factors. Information exchanged will include: 1) Rankings of 13 different tool categories with their respective deployment and satisfaction within the respondent groups. 2) Value of SIEM vs. security analytics. 3) Effectiveness and value of security analytics tools as perceived by the business. 4) Impact of security tools in incident response.