As the old cybersecurity adage states, "The cybersecurity chain is only as strong as its weakest link." Smart CISOs also understand that the proverbial weak link may actually be out of their control.
The endpoint often plays a central role in the cyber kill chain, serving as the entry point and staging ground for a broader attack, a dynamic that has raised the stakes in protecting the endpoint attack surface area. Today’s endpoint security market is in transition, with customers seeking solutions that protect against zero day malware and exploits while evaluating whether “next-generation” solutions augment or replace traditional antivirus. Webroot SecureAnywhere Business Endpoint Protection strives to bridge the gap with a smart approach to detect, prevent, and remediate malware on endpoints.
According to ESG research, 79% of cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that network security management and operations is more difficult today than it was two years ago. Why? Infosec pros point to a combination of increasingly dangerous cyber-threats, new IT initiatives like cloud and mobile computing, legacy point tools, and growing security operations overhead.
In order to explore cyber supply chain security practices and challenges further, ESG surveyed 303 IT and information security professionals representing large midmarket (500 to 999 employees) organizations and enterprise-class (1,000 employees or more) organizations in the United States within vertical industries designated as critical infrastructure by the U.S. Department of Homeland Security (DHS). All respondents were familiar with/responsible for their organization’s information security policies and procedures, especially with respect to the procurement of IT products and services. Respondents also had to be familiar with cyber supply chain security as defined previously.
When it comes to threat intelligence, there seem to be two primary focus areas in play: The threat intelligence data itself and the legislative rhetoric around threat intelligence sharing (i.e., CISA, CISPA, etc.). What’s missing? The answer to a basic question: How do organizations get actual value out of threat intelligence data and threat intelligence sharing in a meaningful way?
In this ESG Video Capsule series, ESG Senior Principal Analyst Jon Oltsik reviews recent ESG research on Threat Intelligence trends. In this segment, Jon discusses the future of threat intelligence.
At last week’s VMworld event in San Francisco, I spent a good deal of time speaking with VMware, its customers, and a wide variety of its partners about the cybersecurity use case for NSX
Little known fact: Yesterday was the 30th anniversary of Bob Ballard’s discovery of the RMS Titanic, several hundred miles off the coast of Newfoundland Canada. I’ve recently done some research into the ship, its builders, and its ultimate fate and believe that lessons learned from Titanic may be useful for the cybersecurity community at large.
In this Video Capsule series, ESG Senior Principal Analyst Jon Oltsik reviews recent ESG Research on Threat Intelligence trends. In this segment, Jon discusses Organizational Challenges.
It’s the end of the summer of 2015—the nights are getting cooler, the leaves are starting to change colors, and flocks of students are abandoning the beaches of Cape Cod bound for college campuses. The seasonal change also signals another annual ritual: VMworld in San Francisco.
In this ESG Video Capsule series, ESG Senior Principal Analyst Jon Oltsik reviews recent ESG Research on Threat Intelligence trends. In this segment, Jon discusses organizational objectives.
Five to ten years ago, the cybersecurity industry was mainly focused on incident prevention with tools like endpoint antivirus software, firewalls, IDS/IPS and web threat gateways. This perspective changed around 2010, driven by the Google Aurora and the subsequent obsession on advanced persistent threats (APTs).
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188