Major suppliers of security information and event management (SIEM) systems typically charge for their software on a consumption basis, whether it is the number of messages per second or the amount of data processed per day.
“That consumption-based model has been the measurement of value,” said Chris Petersen, co-founder and CTO of LogRhythm. “The more you consume, the more value you’re getting from your platform, therefore the more you should pay.”
Petersen said the challenge with pay-by-volume pricing models is that it is often difficult for an enterprise to predict how many messages per second it processes when sizing its SIEM investments, potentially exposing it to bill shocks if the volume of messages increases later.
“The result of that is many CISOs [chief information security officers] feel like they can’t bring on more data,” said Petersen. “But organisations want to protect themselves by detecting and responding to threats more quickly and to gain more visibility across the enterprise.”
To address cost concerns that could hamper innovation and lead to security blind spots when enterprises size up their SIEM investment, LogRhythm has introduced an unlimited data plan for its SIEM platform.
“Instead of charging by consumption of data, we are going to look at how big an organisation is, based on employee count, and offer a fair and reasonable price based on that,” said Petersen, adding that enterprises will have to sign a three-year contract that allows them to ingest as much data as they like.
This gives CIOs and chief financial officers more assurance and predictability in their SIEM investments, as well as the freedom to collect and ingest as much log data as they want without busting their budgets, he said.
Petersen said LogRhythm has worked out a migration path for existing customers with perpetual licences who are keen to try out this new pricing model later this year.
“We think this is the industry’s true unlimited data plan,” he said. “Other vendors talk about unlimited data, but there are still tiers – you still get an unexpected bill when you move up to the next tier.”
To be sure, LogRhythm is not moving all its customers to the new pricing model. In cases where a consumption-based model still makes sense – in very defined scopes of data collection, for instance – Petersen said customers can continue to use existing perpetual licences that are priced based on the number of messages per second.
The new term-pricing structure is expected to benefit enterprises that deploy internet of things (IoT) sensors that expand the attack surface, making it more crucial to collect data on security events at the edge of a network.
“It’s hard to predict what those volumes are, but if more IoT sensors come online, you pay the same price,” said Petersen, pointing out that visibility over those devices will become even more important.