January 9, 2020
In-House vs. Outsourcing SIEM
A security information and event management platform, or SIEM, is one of the most critical components of a security monitoring and incident response posture. A SIEM generates a single report of all the log data from many different systems, removing the need for manual monitoring. It can also send out an alert when potential security incidents arise.
If you’ve purchased a SIEM, you know that threat detection is as important as – or even more important than – prevention and protection.
Your SIEM is only as effective as the information security team that manages it.
In fact, the number one challenge in information security is having the right resources – including expertise, time, and money. It’s costly to hire an information security team and equip them with the necessary tools to be effective. If you want 24x7 coverage, for example, it takes at least eight analysts.
Let’s take a closer look at the numbers. According to Glassdoor.com, an average Tier 1 security analyst makes an annual salary of $77,665. Add in taxes and benefits, and each analyst can easily cost an organization $100,000 per year. Now multiply that number by eight – and add in the cost of a SIEM and other detection and response tools – and you’ve now exceeded $1,000,000 per year. That kind of investment is often out of reach for most organizations.
Don’t drop your recruiting efforts yet! Once your eight analysts have some real-world experience, their inboxes will be filling up with attractive job offers from other companies – meaning that you’ll need to constantly work on hiring, training, and recruitment. Considering the expense of this effort, it’s easy to see why so many organizations outsource information security to a managed detection and response/managed security service provider (MDR/MSSP) like Castra.
Castra has been building Security Operation Centers (SOC) as a service since 2012, and we’ve successfully deployed SIEM/SOAR and a variety of information security products and services in more than 2,000 organizations across the globe. How can Castra make a difference to your organization? Use the cost-benefit analysis below to help your team understand the cost and challenge of building your own 24x7 SOC.
| Castra Managed Services | | One (1) Full Time Employee | |
| --- | --- | --- | --- |
| (Average) $36,000/year | | (Average) $77,665/year | |
| Pros | Cons | Pros | Cons |
| Castra Founders have a combined 35+ years of Information Security Experience | Outsourced | In-house | Limited Security Operations experience |
| U.S. Based, diligent SOC Analysts, Mastered Several SIEM Platforms and Information Security products | | Exclusive to you | Limited SIEM experience |
| Leading Partner with multiple vendors | | | Might need SIEM and Incident Response training (more time and money) |
| SOC2 Type I, Type II Certified | | | Sick Days |
| Written custom code, correlation rules, and plugins by the hundreds | | | Benefits add more cost |
| 15,000 Sqft 24x7x365 Security Operation Center and team | | | Limited to 40-50 hour work weeks |
| Currently managing several large and medium worldwide organizations in all types of industries | | | Vacation (2 weeks) |
| Cost is predictable and constant | | | Cost increases over time |