Market Overview: Security Information Management (SIM)

The security information management (SIM) market has undergone a dramatic transformation in the past five years. After growing to a respectable size in a short period in the early 2000s, the SIM market stagnated until the Payment Card Industry Data Security Standard (PCI DSS) rescued it from obscurity. Today, the SIM market and related log management submarket is vibrant and relevant to the needs of security and risk management (SRM) professionals. Key features have standardized across all SIM products: fulfillment of PCI DSS Requirement 10, event correlation, change detection and reporting, support for heterogeneous data sources, and both agent-based and agentless data collection methods. Forrester expects the SIM market to undergo another turbulent period in the next 12 to 36 months as the economy forces consolidation among the 20-plus vendors selling SIM products. Cost pressures and inevitable scale efficiencies will drive vendors to introduce cloud-based SIM services, integrate their products more deeply into network infrastructure, and embrace Google-style unstructured search.