Has to be SIEM to be believed . . .

Eliza-May Austin
Oct 14, 2019

Small to medium-sized enterprises want to be cyber secure, but most struggle to afford it. With prevention being cheaper than recovery, they can’t afford not to be secure either. Average expenditures on cyber-crime are increasing exponentially, and costs associated with these crimes can be crippling to smaller companies.

“61 percent of breach victims in 2017 were businesses with under 1,000 employees.” (Verizon)

Couple this cost issue with a cyber defence market saturated with tools and services, and it can be incredibly daunting to decipher which of these add value and which don’t: when to spend your small budget and when to keep it in your pocket.

From a basic standpoint, you simply cannot adequately defend yourself against something that you cannot see. We can’t be secure without visibility of what’s happening on our networks and endpoints. We can be blissfully ignorant for a short time, but not secure.

But from a purely Infrastructure BAU (business as usual) cost perspective, the more security data you collect, the more it costs to store it. More disk space or more cloud storage equates to more money spent.

That can add up to quite a significant expense even for a small company. Then the SIEM vendors charge you their licence fees: EPS (events per second), volume stored, etc. On top of that, an MSSP (managed security service provider) will charge a service cost for doing the basics of looking at the alerts and raising an incident. All of this is very expensive and a high barrier to entry for smaller businesses. The cost of being secure keeps many smaller companies insecure, which is possibly a fundamental reason for the growth in supply chain attacks.

MSSPs are under pressure to deliver a very standard service, so they don’t have the cost of tailoring the service to individual customer needs. Standard use-cases rather than bespoke ones, restrictive SLAs and a blanket approach to security mean that many companies are paying for their own internal BAU costs, paying licence fees and paying an MSSP to deliver just a basic, yet expensive, multi-tenancy service.

The Pocket Siem service addresses these issues head on. The solution is deployed by Pocket Siem but mostly run and managed by your own internal teams. If those teams don’t exist, a small optional retainer can ensure Pocket Siem is available as an escalation point, not to be confused with an MSSP.

Then you can decide how much data you want to store, based on the cost vs visibility risk analysis.

Pocket Siem are not an MSSP, so you don’t pay for large teams of analysts ‘sitting around’ waiting for work or trying to do the minimum on any one customer’s ticket so as to maximise profits for the MSSP. If customers escalate a ticket to Pocket Siem, they will be charged only for the work done on that specific ticket. Hence it is a pay-per-ticket SIEM solution. The use-cases offered are generic, but given that they cover the most common attacks, they make a great starting point and effectively eliminate that barrier to entry. And there’s nothing stopping you from enhancing your use-cases as your internal teams develop their skills.

As you mature, Pocket Siem would then encourage you to either expand on the Pocket Siem solution or to migrate to a commercial SIEM provider if and when it makes sense for you to do so.

The beauty of Pocket Siem is its scalability: it grows with your business, but can also easily be removed should you want to go with a bigger provider in future.

Possibly one of our most unique selling points: there are NO licensing costs for Pocket Siem!

Get in touch here if you’d like more information, we’d love to brag some more about how Pocket Siem is perfect for SMEs.


Eliza-May Austin

CEO & Co-Founder at th4ts3cur1ty.company & PocketSIEM. Founder and Director of Ladies Hacking Society | Purple teaming enthusiast @Eliza_MayAustin