Organizations that provide centralized security monitoring of the networks of multiple third-party organizations are faced with a challenging task.The amount of security event data that needs to be processed not only presents a technical challenge, but it also presents a problem-solving challenge for the operators. In this talk I argue that with the right tools in place these challenges can be met and that, as a result, the natural benefits of centralized monitoring can come into play. This raises the effectiveness of monitoring to a level beyond the reach of organizations focusing exclusively on their own network.