A few years ago, manufacturers fought each other tooth and nail in the field of antivirus software. Later, terms like Endpoint Protection and Next-Gen AV emerged, and each solution was presented as revolutionary. IT partners and suppliers competed fiercely, with grand promises and sharp marketing claims. But the question was (and still is): does it really work?

Today, we see the exact same battle, but this time around SIEM and SOC services. The market is flooded with providers, and every IT service provider seems to offer something by now. But how do you separate the wheat from the chaff in an industry where revenue goals sometimes seem more important than quality?

The pitfalls of choosing a SIEM/SOC solution

Many organizations struggle with the question: which SIEM/SOC service is right for us? The reality is that not every solution is equally mature. To prevent investing in a product that doesn't deliver on its promises, it is crucial to:

• Conduct reference conversations - Not with brand-new customers, but with companies that have a few months or more of experience. They can tell you what the service is really like.
• Clarify what you need to do yourself - Some SIEM/SOC services may seem managed, but still require a lot of internal effort. Make sure you know in advance where the responsibilities lie.
• Don't just look at the name - Big names don't always offer the best solution for your organization. Sometimes a smaller, specialized party is a better fit.
• The technical solution must fit your organization - Not every SIEM/SOC solution is suitable for every organization. Critically assess the maturity of your own IT security team, the integration possibilities, and the user-friendliness. A solution can be technically great, but if it is too complex to effectively manage, you won't benefit much from it. Choose a platform that aligns with the skills and needs of your team, without unnecessary complexity.

In both cases, a false sense of security arises, while the organization remains vulnerable in reality. Real security is not about the number of settings, but about effectiveness in practice.

The market is shifting: from IT service providers to manufacturers

An interesting trend is that manufacturers are increasingly offering managed services themselves. Where in the past, as an organization, you bought a SIEM and your IT partner managed it, you now see a shift: suppliers are taking over the role of traditional IT service providers.

Why?

• Economies of scale - Manufacturers can offer their services globally, at rates that local IT partners find difficult to match.
• Continuity - Security is a 24/7 job. Manufacturers have the resources to deploy experts full-time, something that is more challenging for smaller parties.
• Talent gravitates towards the source - Where security specialists used to choose between working for an end customer or a dynamic IT/cybersecurity company, you now see a clear trend towards manufacturers. More innovation, more challenge, and - let's be honest - better employment conditions.

Within a few years, we expect the market to largely shift to manufacturers, with only a few specialized integrators remaining.

What does this mean for your organization?

Are you about to choose or evaluate a SIEM/SOC solution? Then take the above insights into account. Do you want to discuss which solution or supplier really suits you? Give us a call. We regularly help organizations in this process and ensure that you make a future-proof choice.