About a decade ago, I was first introduced to the Jericho Forum, an international group of cybersecurity executives committed to defining new infosec tools and architectures.
A few years ago, cloud computing faced an infosec hurdle. Many CIOs appreciated the benefits of cloud computing but their concerns about cloud security outweighed all of its potential goodness. General cloud security trepidation thus precluded broader use of cloud computing.
Last week I wrote two blogs about cybersecurity, critical infrastructure organizations, and the US government. Now I'll discuss valuable federal cybersecurity training for critical infrastructure organizations.
In my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review...
The term “critical infrastructure” is used by governments around the world to describe industries and physical assets deemed essential to their economies and national security. Critical infrastructure industries include agriculture, electricity generation, financial services, health care, telecommunications, and government services like law enforcement and the water supply (i.e., drinking water, waste water, dams, etc.).
Since the administrations of George H.W. Bush and Bill Clinton, Washington politicians have pledged to address cyber-vulnerabilities within critical infrastructure industries. Has anything changed? Not really. The research conducted by ESG and presented in this brief reveals that critical infrastructure organizations continue to experience numerous security incidents and believe that the threat landscape is only getting worse. Furthermore, security professionals working at these organizations remain unclear about the U.S. government’s cybersecurity strategy. In spite of this confusion, critical infrastructure organizations believe that it’s time for Washington to get more involved in cybersecurity issues and create cybersecurity programs that offer real help.
I was just getting on my flight to the RSA Security Conference in San Francisco on Monday morning when I received an e-mail announcing an intriguing cybersecurity deal.Defense contractor Raytheon announced its acquisition of security veteran Websense for approximately $1.6 billion. Vista Equity Partners, Websense’s previous owner, also contributed $335 million and will retain some skin in the game.
As the 2015 RSA Conference got underway this week, I attended a dinner hosted by Pacific Crest Securities. Our host began the dinner by asking former cyber czar Richard Clarke to say a few words. Now this was a rather festive dinner as the cybersecurity industry is in the midst of a robust boom. Nevertheless, Clarke’s brief talk was a reminder of where we’ve been and the state of cybersecurity today.
Just a few days until the start of the RSA Conference and I expect an even bigger event than last year – more presentations, vendors, cocktail parties, etc. The conference will likely focus on security technologies like endpoint security, cloud, security, threat intelligence, IAM, and others which I described in a recent blog.
In this ESG Video Capsule, ESG Senior Principal Analyst Jon Oltsik discusses ESG's recent research on endpoint security.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188