Sign in

The cybersecurity industry is ripe with new technology categories and products, and a fair amount of the current buzz is around various flavors of data science and security automation. If you’re lucky enough to work for an organization that has budget and desire to implement new tech, some of these capabilities might have been on your holiday wish list. However, even if you had the funding available, most organization aren’t staffed to implement multiple new technologies in parallel. So the question becomes, if you can only add one new capability this year, what should it be? Automation or Analytics?


Congratulations! Your organization just finished building out a new SIEM (security incident and event management, for the unindoctrinated) and I suspect you all went with or wish you had gone with Splunk. What’s your reward for all this hard work? You get to think about what’s next. That’s where I am, thinking about what’s next. I get this question a lot… what will replace Splunk? And honestly, I think there will be a next thing… remember ArcSight? I know that predicting the future is a risky business, though it’s objectively fun in the moment. So let’s do some predicting!


Jon Bagg

Cybersecurity professional and consultant. Opinions expressed here are my own.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store