Security information and event management (SIEM) is a cybersecurity solution that helps companies detect network threats and ensure compliance. With cybersecurity threats on the rise, SIEM is a key tool for organizations to protect their data.
De Valle, Texas-based ManageEngine, the enterprise IT management software division of Zoho, offers SIEM technology as part of its IT security management line.
Datamation interviewed ManageEngine VP Manikandan Thangaraj, who shares his perspective on the development and growth of the SIEM market:
Manikandan Thangaraj
Thangaraj has been with ManageEngine for over 20 years. During Zoho’s journey from being a bootstrapped startup to becoming an enterprise software company, Thangaraj has been instrumental in building solutions for some of the industry’s most complex challenges, like cybersecurity, identity and access management (IAM), cloud, and the Microsoft ecosystem.
Currently, he spearheads a dynamic team of passionate engineers, marketing experts, solutions consultants, and product managers — all IT enthusiasts at heart, committed to changing the status quo of major business challenges with an intuitive and solution-centric approach.
SIEM Q&A
Datamation: How did you first start working in the security information and event management market?
Thangaraj: Two decades back, we began providing answers to questions such as, “What is happening in your network?” and, “Is that event bad?” We started off with a simple yet effective log collection and management tool and slowly evolved along with SIEM to cater to the growing demands of a security operations center (SOC).
Datamation: What is your favorite thing about working at ManageEngine?
Thangaraj: ManageEngine provides an environment where success isn’t measured just by your title or role or your years with the organization. The company’s culture fosters trust and the freedom to contribute however an individual can. And that’s the reason I love working at ManageEngine.
Datamation: What sets ManageEngine’s SIEM approach or solutions apart from the competition?
Thangaraj: Being simple without compromising on the capabilities is our key differentiator. While the market sees SIEM solutions as complex and high-maintenance tools, ManageEngine offers SIEM capabilities in a quick-to-deploy and easy-to-maintain architecture.
The SIEM Market
Datamation: What is one key SIEM technology that particularly interests you?
Thangaraj: I find the adoption of artificial intelligence (AI) in the incident management techniques of SIEM curious. AI has been well leveraged for the predictive threat detection and not explored much for the adaptive remediation framework of SIEM. Exploring AI’s capabilities for automated remediation and case resolving would optimize and streamline the security operations to the fullest and will also overcome the most serious challenge today — the cybersecurity skill gap.
Datamation: What is one SIEM technique that teams should implement?
Thangaraj: Teams that use SIEM should focus on constantly maintaining and customizing the SIEM to their environment for effective utilization. They must learn the options their vendor provides to fortify their defenses against the evolving threats. They should also consider using the integration options provided by the vendor and use the SIEM as a platform rather than a tool.
Datamation: What is one SIEM strategy that companies should implement?
Thangaraj: Knowing why you need a SIEM and how you’re going to use it is the best way to start a SIEM implementation. Building use cases that SIEM solutions should resolve for you, before the deployment, is one strategy that helps enterprises save a lot of time.
Datamation: What is the biggest SIEM mistake you see enterprises making?
Thangaraj: Thinking of SIEM as a tool rather than a platform to enhance the security posture of the organization. When SIEM is looked at as one of the security tools that’s deployed, enterprises create a lot of gray areas for the hackers to exploit. SIEM should be deployed and utilized as a platform that brings in all security information together and provides deeper analytics for effective threat detection and resolution across the enterprise network.
Datamation: What are some current trends in the SIEM market that are promising?
Thangaraj: Security orchestration and adoption of AI in predictive analysis are some of the trends that will help SIEM become a more robust security platform.
Datamation: What are the biggest factors that are driving change in SIEM?
Thangaraj: Cloud adoption is one of the biggest factors shaping the SIEM market. SIEM’s capabilities are evolving to enhance the cloud security posture. It’s bringing in capabilities and technologies to ensure cloud security as well as extending the on-premises security strategy to the cloud without much effort. The consolidation of security platforms in the cloud, secure access service edge, that is commonly known as simply SASE, is seen as the next big change in the SIEM market space.
Datamation: How has SIEM changed during your time in the market?
Thangaraj: From log management technology that provides insights on the security events, SIEM has come a long way. SIEM is now an inclusive security technology that takes insights from endpoint security platforms and data security and implements behavior analytics for effective security case management. SIEM is now seen as a console that takes security inputs from various tools deployed within the enterprise, correlates them with contextual security data, and delivers prompt and accurate threat detection details that ensure the effective management and resolution of the security incidents. It also serves as a platform that helps enterprises form a solid security strategy.
Datamation: Where do you predict the SIEM market will be 5 or 10 years from now?
Thangaraj: SIEM will become simpler and easier to deploy and work with. Capabilities such as security, orchestration, automation, and response (SOAR) and cloud access security broker (CASB) will be explored further. Adoption of AI in incident remediation will expand. SIEM as a service, also known as cloud SIEM, will be adopted by more organizations because of its infinite scalability and low resource investment.
Personnel in SIEM
Datamation: What is one SIEM technology your team wants storage professionals to know?
Thangaraj: It’s important for security professionals to know that SIEM is a security platform that can be fine-tuned and customized. More than learning the SIEM technology, I would say it’s crucial that security professionals understand their environment better, formulate the use cases that are needed for their organization and industry, and leverage the best of a SIEM solution to accomplish their organization’s specific needs.
Datamation: If you could give one piece of advice to a SIEM professional in the beginning of their career, what would it be?
Thangaraj: The SIEM market brings diverse opportunities for security professionals. Choose the area of focus — forensics, defensive strategies, offensive strategies, privacy and compliance — and start exploring them more.
Datamation: With the shortage of tech talent, how is your team finding and retaining professionals to work in SIEM?
Thangaraj: We give them the freedom to explore different SIEM opportunities, research the SIEM market, and adapt the solution to our evolving needs. This establishes a challenging workplace that encourages our talent to stay with us for the long run.
Datamation: For the greatest business impact, what should SIEM professionals be focusing on most in their roles?
Thangaraj: Beyond using the SIEM solution every day, they should embrace advancing to the next level whenever possible. Security professionals can expand their horizons by focusing on continually learning more in their areas of interest.
Work life
Datamation: What is one of your top professional accomplishments?
Thangaraj: During the initial days, when we were watching the market, there was a greater scope for providing security analytical insights based on the log analysis. Our team at ManageEngine then entered the SIEM market by crafting solutions that analyzed the log data, especially from a Windows environment, and provided what our customers needed. I would consider taking this first step as one of my top professional accomplishments at ManageEngine.
Datamation: What is your favorite part of working in the SIEM market?
Thangaraj: SIEM is one of the dynamic markets out there. Since its inception in 2005, it has evolved at various levels. From security information to security event management, behavioral analytics, and adopting AI for predictive analysis, it has come a long way. At all these levels, the new technologies were challenging. Such a challenging environment kept my interest growing in the SIEM market.
Datamation: What is one of your favorite parts of the work week? How does it encourage or inspire you?
Thangaraj: Security is perceived and implemented differently in different parts of the world. I would like to spend time understanding the SIEM needs and evolution across different regions of the globe. The diversity inspires me to do better.
Datamation: Do you have a favorite way to recharge during the workday?
Thangaraj: A cup of coffee is my way to recharge.
Datamation: What are your favorite hobbies or ways to spend time outside of work?
Thangaraj: I love to spend time with my family and go on long drives. I’m a mountain person, and it gives me pleasure to go on a hike or explore the mountains.