Almost two-thirds of IT security professionals said they do not use Security Information and Event Management (SIEM) technology, according to Computer Weekly/Techtarget's security purchasing intentions survey.
Of those that do use SIEM, 22% said they used it for compliance and proactive security response and 10% used it for compliance only.
Signficantly, 4% said they had used SIEM but had abandoned it.
Although 22% of firms claim to use SIEM proactively, Andrew Rose, principal analyst for security and risk at Forrester Research said there is likely to be a wide variance in the level of pro-activity in each organization.
"Forrester sees, for example, many firms just collating logs, without sufficient resource to correlate and investigate them in real time, and simply storing them to use for after-the-fact troubleshooting and forensics," he said.
However, Rose said Forrester has seen a surge in interest in SIEM and many conversations revolve around the selection of a suitable third party to either manage the work, or partner with, to deliver the service.
Download our complete security survey results here.