SIEM Migration: Breaking Up is Hard to Do

Thursday, February 29, 2024

2:00 - 3:00 PM EST

60 minutes, including Q&A

Like it or not, you’re in a relationship with your SIEM. Can you rekindle the bond you had during the initial implementation with some intense therapy? Or is it time to call it quits and start over? If you’re moving to a new SIEM (or even just considering making a move), how do you make the right first move and avoid the pitfalls that might lead you right back to disappointment?

Join Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud, and Jay Lillie, VP of Customer Success at CardinalOps, as they provide useful and proven guidance for navigating the complexity of considering or moving forward with SIEM migration. They will cover the full lifecycle associated with SIEM migration to help you no matter where you are in your relationship:

  • Should I stay or should I go? (Deciding on keeping your current SIEM or making a switch)
  • If I stay, can this get better? (How to address common issues with a SIEM you’re keeping)
  • If I’m moving on, what should I look for in my new partner? (Shopping for a new SIEM with migration in mind)
  • Holding on to the good, letting go of the bad (How do I perform migration the right way?)

Sponsored by:



Dr. Anton Chuvakin

Security Advisor at Office of the CISO

Google Cloud

Dr. Chuvakin is a leader of the security solution strategy at Google Cloud, where he arrived via the Chronicle Security (an Alphabet company) acquisition in July 2019. Until June 2019, Dr. Anton Chuvakin was a Research VP and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies (SRMS) team. At Gartner he covered a broad range of security operations and detection and response topics and is credited with inventing the term "EDR." He also worked for some of the earliest log management companies in the early 2000s.

Jay Lillie

VP of Customer Success


Jay Lillie is VP Customer Success for CardinalOps where he helps organizations around the world improve their SIEM-based detection posture. After an early career in business process management and Big Data, his more recent experience in cybersecurity ranges from machine learning behavioral analytics to identity governance. He has paired his career in technology startups with a parallel career as a member of the US Marine Corps Reserves. Before he retired, his capstone military tour was as the Senior Enlisted Advisor for the Reserve component of the Marine Corps Cyber Warfare Group.

Terry Sweeney


Black Hat

Terry Sweeney is a Los Angeles-based writer and editor who's covered business technology for three decades. He's written about cyber security for more than 15 years and was one of the founding editors of Dark Reading. Sweeney has covered enterprise networking extensively, as well as its supporting technologies like storage, wireless, cloud-based apps and the emerging Internet of Things. He's been a contributing editor to The Washington Post, Crain’s New York Business, Red Herring, Information Week, Network World, SearchAWS.com, and Stadium Tech Report.

Sustaining Partners