A Flexible Security Analytics Service for the Industrial IoT

Context diagram on level-0 (a) and data flow model on level-1 (b)


In Cloud Computing, the cloud serves as a central data hub for data from the Industrial Internet of Things (IIoT) and is deployed in diverse application fields, e.g., Smart Grid or Smart Manufacturing. The aggregated and contextualized data is therefore bundled in a central data hub, bringing tremendous cybersecurity advantages. Given the threat landscape in IIoT systems, SMEs (small and medium-sized enterprises) in particular need to be prepared regarding their cybersecurity, react quickly, and strengthen their overall cybersecurity. For instance, by applying machine learning algorithms, security-related data can be analyzed predictively so that a potential attack can be warded off at an early stage. Since modern reference architectures for IIoT systems, such as RAMI 4.0 or IIRA, consider cybersecurity approaches at a high level and SMEs lack financial funds and knowledge, this paper conceptualizes a flexible security analytics service used as a security add-on to these reference architectures. The service implements security capabilities with flexible analytical techniques that fit specific SMEs’ needs. The security analytics service is also evaluated with a real-world use case.

In Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems