Organisations generate millions of system logs every day from the likes of servers, firewalls and network devices. Their ability to process, analyse and react to this information affects how they will manage any security risks and incidents. To help process this data, many organisations implement a Security Incident and Event Management (SIEM) system or outsource to a Cyber Security Operations Centre (CSOC) for their monitoring, which provides a real-time analysis of security alerts.

Cyber security is more complex now than ever before, and the implications of a cyber-attack can be much more disastrous. Organisations must consider not only the financial implications but the reputational damage that can arise following an attack. The proliferation of social platforms and the increasing needs of regulation, mean that security breaches can be publicised across the globe within minutes. Whilst the cost of launching a cyber-attack has reduced over the last few years, the cost of defence has risen. This is because there's a greater variety of attack vectors – means by which an attacker can gain access to your network. The methods deployed are so vast, compared to previously, that it makes it increasingly difficult to build an effective defence against. Highly sophisticated cyber-attacks are also using automation techniques to maximise their damage, to the extent where one piece of code can be used many thousands of times.