Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

A significant portion of existing SIEM detection rules, 13% on average, are broken. These rules are non-functional and will never trigger. This is a 5% decrease from the 2024 report.

CardinalOps
June 5, 2025
SIEM

A significant portion of existing SIEM detection rules, 13% on average, are broken. These rules are non-functional and will never trigger. This is a 5% decrease from the 2024 report. — This cybersecurity statistic was published by CardinalOps in June 2025. It covers topics including SIEM. The original data appears in 2025 State of SIEM Report. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 6/5/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

A significant portion of existing SIEM detection rules, 13% on average, are broken. These rules are non-functional and will never trigger. This is a 5% decrease from the 2024 report. This data was published by CardinalOps and covers SIEM.

Where does this data come from?

This statistic comes from 2025 State of SIEM Report, published by CardinalOps on June 5, 2025. You can view the original report at https://cardinalops.com/white-papers/2025-state-of-siem-report-download/.

What cybersecurity topics does this cover?

This statistic relates to SIEM. Browse more statistics on SIEM or from CardinalOps.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

68% of enterprise leaders use SIEM integration for visibility of backbone traffic.

Arelion2/5/2026
Security MonitoringNetwork VisibilitySIEM

Only 51% of security operations leaders say their current SIEM is very effective at reducing mean time to detect and respond to threats.

Sumo Logic2/4/2026
SIEMThreat DetectionIncident Response

90% of security operations leaders say supporting data sources from multi-cloud and hybrid-cloud environments is very or extremely important for their SIEM, highlighting the continued need for data pipeline management.

Sumo Logic2/4/2026
Cloud SecuritySIEMData Pipeline Management

52% of security operations leaders are very confident their current SIEM can scale to meet future security and cloud operations needs.

Sumo Logic2/4/2026
SIEMScalabilityCloud Operations

54% of organizations reported that they already use AI for SIEM data management in 2025.

Red Canary10/23/2025
Security OperationsSIEM

70% of internal Security Operations Center (SOC) teams reported a skills shortage in Security Information and Event Management (SIEM) data management as of 2025, impacting their operational efficiency.

Red Canary10/23/2025
Security OperationsSIEM

Browse by Topic

SIEMMore from CardinalOps

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights