Updated: Mar 25, 2020
In the last 12 months, government security regulations have forced IT leaders to bring in a SIEM (security information and event management) solution. Organizations that fail to implement one will soon not be allowed to conduct business in the European Union, among other places.*
Meanwhile, sales at SIEM market leader Splunk are on fire: sales revenues surged 38.6% year over year and cloud revenue has soared 90%. Splunk is under pressure from Wall Street to convert customers to subscription based/SaaS/cloud licensing models, due to the advantages of long-term revenue. This activity is accompanied by rumors of a potential Splunk acquisition (by Symantec, to name one), meaning there’s a shorter period to boost revenue and raise company valuation.
The result: Intent on maintaining their impressive rate of growth, Splunk is pro-actively approaching customers to renew their licenses, or switch from perpetual licenses to subscription/cloud-based. However, in many instances, Splunk customers are under no obligation to do anything at all.
If your organization has a Splunk environment, now is a good time to review what type of licenses you own. If they’re perpetual, you can expect Splunk to encourage you to move your solution to the cloud or buy their subscription on-premise term license. If your already own a subscription license, you would do well to prepare for Splunk’s call by determining:
If the business is fully utilizing the solution
If the environment is growing
If you've had any complaints about the system
Even if your organization is not a Splunk environment, it’s still wise to evaluate the efficacy of your SIEM solution, particularly if you’ve had complaints. The market abounds with solutions, and the leverage currently favors the buyer. ClearEdge has recently engaged with clients to leverage the surge of Splunk sales activity by examining alternatives, including IBM’s QRadar, since many people have an IBM environment and can easily add products into their current agreement or use existing credits to make the purchase.
And finally, Splunk sales reps are eager to maintain the firm’s revenue performance and are making offers that could potentially save you money by shifting to Splunk if you’re not already a customer. To learn more about Splunk sales practices, SEIM alternatives and savings opportunities, please contact your ClearEdge representative.
* Articles 25 (1 and 2), 32 (1B), and 33 in the European Union’s GDPR require companies to have a SIEM solution to conduct business in EU (May 2018). Regulations in U.S. include state-by-state requirements (e.g., NY State’s Cybersecurity regulation, March 2018). https://www.cpomagazine.com/2018/05/24/importance-of-using-siem-for-gdpr-compliance/