This resource is no longer available
Return on Investment (ROI) and Security Information and Event Management (SIEM): How RSA enVision Delivers an Industry Best ROI
Security Information & Event Management has a long and varied history as a category of technology solutions that collect and analyze event logs that come from all types of devices and applications in a given IT infrastructure. SIEM solutions have taken various forms and different tools specialize in different aspects of log management, monitoring security, proving compliance and/or maximizing IT operations.
Determining the ROI or the value you derive from a SIEM solution is not easy. No one buys a SIEM solution to generate revenue. It isn't a cotton candy machine. That said, most buyers-- especially these days-- need to be able to quantify the value a SIEM solution will bring to their organization. The value a SIEM solution can provide depends on what your organization needs to get done-- monitoring threats and demonstrating compliance, for instance-- and even the penalties for not doing some things, such as failing to comply with an audit.
Most experts-- who for years argued for or against a "Return on Security Investment (ROSI)"-- agree that the value a SIEM solution brings is primarily in the realm of cost avoidance, not "return" as it's defined in the purest economic sense. So whether you're looking for a ROI, ROSI, Total Cost of Ownership (TCO), or a breakeven point, the goal is demonstrable value.
Read this paper to learn more.