CISOs need tighter control and improved security intelligence/analytics.
Combination of carrots, sticks, investment, and education.
Critical infrastructure organizations most vocal about the need for federal cybersecurity help
Strengths: Integration, architecture, and end-to-end coverage. Weakness: Market visibility.
Vendors must focus in these areas to help enterprise organizations with security efficacy and operational efficiency.
Architecture aligns detection with prevention and remediation to streamline security operations.
Packet and meta data capture analysis is helping large organizations accelerate malware detection and remediation.
Collaborative community adds value to Splunk software and tools.
Lack of knowledge leads to ineffective malware defenses and lengthy detection timeframes.
Q&A is meant to cut through vendor spin and help users understand and benefit from big data security analytics.
Mobile computing is well beyond a fad for e-mail enablement; enterprise organizations are undertaking mobile computing initiatives for new business processes and creative applications that reach employees, customers, and even business partners. When mobile devices were first implemented, CIOs turned to Mobile Device Management (MDM) platforms to onboard and manage devices, but MDM really doesn’t protect employees when they use mobile browsers or applications on the devices themselves. As mobile computing evolves, CISOs are implementing their own mobile security solutions for malware protection and application controls. Cloud-based mobile security solutions that integrate with traditional MDM are becoming popular choices for these requirements.
Since the term “cyber Pearl Harbor” was first coined during the Clinton administration, the U.S. government has warned about cybersecurity dangers but done little to protect the nation. Earlier this year, President Obama issued an executive order to address cybersecurity, but others in Washington view this as a political move and remain cynical about any real cybersecurity threat. Is the cyber threat real and if so, what should the U.S. Federal Government do about it? To answer this question, ESG surveyed 315 security professionals working at U.S.-based enterprise organizations (i.e., 1,000 or more employees). This well-informed group of cybersecurity “insiders” is much more certain than DC pundits, think tanks, and legislators—they firmly believe that cybersecurity threats are real and want to see more from Washington in response.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188