Cybersecurity Startup Gold Rush for Venture Capitalists

According to a PrivCo, a financial data provider on privately held companies, venture capital firms are poised to push $788 million into early stage cybersecurity startups this year. This investment amounts to a 74% increase from last year’s $452 million (note: see this article for more details).

If you follow cybersecurity trends, it’s easy to understand why VCs fat cats are throwing money around. For one thing, the threat landscape continues to become increasingly dangerous. In fact, ESG research indicates that 57% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that the threat landscape is significantly worse or somewhat worse than it was two years ago (Source: ESG Research Report, Advanced Malware Detection and Protection Trends, September 2013). So large organizations clearly need help and there are rich rewards waiting for cybersecurity vendors that can come to their aid – after announcing better than expected financial results, Check Point and Fortinet shares are trading at or near a 52-week high.

Topics: Information and Risk Management Security and Privacy

Open Source Vs. Open Enough

There's a big drive in networking towards open source with OpenDaylight and other initiatives. But enterprises aiming for open networking must make a decision: Either settle for "open enough" options from vendors that may not be truly open source but offer the interoperability and support they need, or commit to the ideals and development of true open source technology.

A Replication Feature is NOT a Disaster Recovery Plan

A few years ago, I blogged that “your-replication-is-not-my-disaster-recovery/index.html" target="_blank" title="Jason's previous blog post on "Replication vs. Disaster Recovery"">Your Replication is not my Disaster Recovery” where I lamented that real BC/DR is much more about people/process than it is about technology.

To be clear, I am not bashing replication technologies or the marketing folks at those vendors … because without your data, you don’t have BC/DR, you have people looking for jobs.

Topics: Data Protection JBuff Information and Risk Management Jason Buffington business continuity disaster recovery BCDR

BYOA: Bring Your Own Authentication

Most people who use IT or Internet applications would agree that the current username/password mode of authentication is cumbersome, ineffective, and obsolete. According to ESG research, 55% of information security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that username/password authentication should be completely eliminated or relegated to non-business critical applications only.

Topics: Cloud Computing Microsoft End-User Computing Private Cloud Infrastructure Information and Risk Management mobile Security and Privacy google Lenovo multi-factor authentication ARM RSA Security Public Cloud Service

EMC’s MegaLaunch: Storage Specifics (Includes Video)

It might seem incongruous to be talking ‘storage specifics’ when discussing EMC – after all, isn’t it a storage company? Well, I mean this in two ways: Firstly, as we move to a more integrated world, so EMC is spending plenty of energy on discussing things other than storage per se; that’s all well and good, but it’s not the focus of this blog. Second, even storage now gets broader by the day; again, that’s all great but this blog is all about delving a little deeper into the ‘vanilla’ storage announcements at EMC’s MegaLaunch earlier this month. One final point here – ‘vanilla’ is neither a pejorative nor a comment on what EMC delivered, it is merely a statement that here I’m focused on the basics. So, to get a summary of the key points for the three main product areas (in this case VMAX, Isilon, and XtremIO) I pointed my video camera at three of EMC’s finest. Take a look at the video and then my comments follow.

Topics: Storage EMC IT Infrastructure Mark Peters Terri McClure Isilon VMAX

The Apple and IBM Partnership

IBM’s announcement on July 15 2014 that they are entering into a global partnership with Apple to transform enterprise mobility has both substance and spin.

The significance of this announcement stems from the enterprise level security, lifecycle support, and integration that IBM is bringing to iOS. IBM’s MaaS360 brings comprehensive mobile device management to bear so users will have a highly secure workplace container for enterprise content. IBM and Apple are also addressing iOS lifecycle concerns. IBM will offer a managed service whereby Apple provides IBM with a beta version of the upcoming iOS release and IBM will test and remediate issues for iOS applications. This way, when Apple suggests that a user upgrade to the latest version of iOS, an enterprise can avoid the potential for broken applications. IBM will also extend BlueMix so that it supports the 4,000 APIs of Apple’s iOS 8 (BlueMix Mobile for iOS). This brings enterprise scale to Apple-based mobile environments.

Topics: IBM Apple Application Development & Deployment Enterprise Software mobile

Big Data Security Analytics “Plumbing”

According to 2012 ESG research, 44% of enterprise organizations (i.e., those with more than 1,000 employees) considered their security data collection and analysis a “big data” application while another 44% believed that their security data collection and analysis would become a big data application within the following two years. Furthermore, 86% of enterprises collected substantially more or somewhat more security data than they had two years earlier. (Source: ESG Research Report, The Emerging Intersection Between Big Data and Security Analytics, November 2012.)

The ongoing trend is pretty clear – large organizations are collecting, processing, and retaining more and more data for analysis using an assortment of tools and services from vendors like IBM, Lancope, LogRhythm, Raytheon, RSA Security, and Splunk to make the data “actionable” for risk management and incident prevention/detection/response.

Topics: Data Management & Analytics IT Infrastructure Networking Information and Risk Management Enterprise Software Security and Privacy

A Storage Strategy Built for the Future

We know the benefits that cloud storage can offer organizations - flexibility, agility, and elasticity more efficiently at lower costs. And that’s really just the start. Once you factor in the potential to address business continuity and productivity concerns with instant backup, archive, and disaster recovery plans, it’s turning into a no brainer. This, of course, doesn’t mean you should only use cloud storage. On-premises, primary storage is still important, especially for those mission-critical applications with strict performance SLAs.

Topics: Hybrid Cloud Storage Cloud Computing Storage Azure Microsoft IT Infrastructure cloud Data Protection Private Cloud Infrastructure Information and Risk Management

Threat Intelligence Lifecycle Maturation in the Enterprise Market

According to ESG research from 2012, 65% of enterprise organizations (i.e., more than 1,000 employees) used external threat intelligence as part of their information security analytics activities (note: I am an ESG employee). The two most popular threat intelligence types were related to vulnerabilities and malware (each is consumed by 63% of organizations that use external threat intelligence).

Topics: Data Management & Analytics Information and Risk Management Security and Privacy Threat Intelligence Lifecycle

Oracle's Big Data SQL Magic

Mixing your own big data solution often seems like a bit of alchemy. A venerated wizard seeks the rare ingredients, carefully measures out the quantities, lets it bubble for a few months in a POC, then with an "abracadabra," finds some poor users to taste the potiion. If they turn green and keel over, it's back to the old cauldron. The common lack of skills makes this all the more fraught. Now Oracle wants to change up the recipe.

Topics: Analytics Big Data Data Management & Analytics Hadoop Enterprise Software Oracle SQL

EMC’s 2014 MegaLaunch - a Tour de Force? (Includes Video)

Last week EMC held the fourth of what it has now established as its “MegaLaunches.” The scale of the events that surround these launches is consistent with the range of announcements that are included. EMC has never been a company that can be accused of being backwards about coming forwards, but even its most vociferous critics and ardent competitors would – albeit no doubt reluctantly! – have to concede that the substance that was delivered to the market last week had some real weight and value. Of course with so much to cover and comment upon it’s hard to do justice in one blog: however, with the help of my colleagues Terri McClure and Jason Buffington, I hope that this video blog will do a darned fine job of not only covering the announcement highlights but also giving you a flavor of the event. While the video itself is longer than we usually produce, I would – with all due humility – commend it to you as a great overview, as I think it feels way shorter than its 8 minute run time.

Topics: Storage IT Infrastructure Data Protection Mark Peters Jason Buffington ProtectPoint Terri McClure Isilon VMAX

EMC Announces Another Step Towards Backupless-backups

Last week, in London, EMC made several announcements – many of which hinged on the VMAX3 platform – but the one of most interest to me was ProtectPoint, where those new VMAX machines will be able to send their backup data directly from production storage to protection storage (EMC Data Domain) without an intermediary backup server.

I mentioned this in workload-enabled-data-protection-is-the-future-and-that-is-a-good-thing/index.html" target="_blank" title="Workload-enabled Data Protection is the future">my blog last week as an example of the fact that, while “backup” is evolving, those kinds of evolutions require that the role of both the Backup Administrator (which should not be thought of as a Data Protection Manager/DPM) and the Storage Administrator (or any other workload manager that is becoming able to protect their own data) need to evolve, as well. Enjoy the video:

Topics: EMC Data Protection JBuff Information and Risk Management Jason Buffington ProtectPoint VMAX

AWS Lifts The Covers on Zocalo

Since I started covering the online file sharing (OFS) market, the big question I get from end-users and vendors alike is "What happens if AWS enters the market?” Of course, they also ask about Google and Microsoft – these are the big three and obvious vendors to ask about, given their infrastructure, cloud offerings, and the incredible price points they can offer thanks to economies of (massive) scale. But the Google and Microsoft online file sharing solutions are already known entities, and AWS (until now) is not. That all changed on July 10th with the introduction of Zocalo, the AWS secure storage and sharing solution.

For the past couple of years, AWS has been increasingly moving up the IT solutions stack – starting way back in 2006 with its first IaaS offerings and fast forward to 2013 and AWS has a pretty broad suite of offerings from compute to networking to application services, databases, and cloud services management – even virtual desktop offerings. Zocalo is a natural extension of AWS’s portfolio – it complements WorkSpaces and positions AWS to be a key IT supplier for next-generation IT (read more about WorkSpaces from my colleague Mark Bowker here).

Topics: Cloud Computing Storage IT Infrastructure Amazon AWS Public Cloud Service

The CISO-centric Information Security Triad

What is the information security triad? Just about everyone knows the answer to this question is CIA – Confidentiality, Integrity, and Availability. Security professionals, service providers, and technology vendors are responsible for these three infosec pillars in one way or another.

CISOs also take part of CIA oversight, but their responsibilities extend beyond confidentiality, integrity, and availability alone. In fact, the CISO role is changing rapidly and becoming so critical that these security executives deserve a cybersecurity triad of their own. The modern CISO triad equates to:

  1. Security efficacy. In some ways, this requirement supports the status quo as CISOs have always been accountable for cyber defense. So what’s changed? Security efficacy used to be closely associated with risk management – identifying and quantifying risk, and then putting the right controls in place for risk mitigation. While CISOs still own this part of the job, they are increasingly tasked with putting up security fences as well as overseeing top notch intelligence and emergency response agencies. These responsibilities require a vast improvement in internal and external security intelligence supported by an intensification in specialized security analytics skills which can be difficult to find. Finally, CISOs need to be able to translate geek speak and a cyber-gumshoe lexicon into business metrics.
  2. Operational efficiency. In the past, CISOs tended to disregard security operations in favor of a dogmatic focus on security efficacy. This led to a best-of-breed security technology mentality where organizations purchased the best e-mail security, AV software, firewalls, and IDS/IPSs they could find. While well intended, this strategy made mighty enterprise organizations dependent upon an army of point tools, manual processes, and a plethora of individual contributors from the IT security organization. This situation is not only an operational nightmare but also detracts from security efficacy as modern malware circumvents security defenses and “kill chain” phases are viewed as autonomous events. Modern CISOs hired over the past few years are in charge of supplanting this mess with a mix of coordinated processes, integrated technologies, organizational cooperation, and far more automation.
  3. Business enablement. Some industry pundits have dumbed down this necessity with statements like: “Information security can no longer get in the way of the business.” True, but overly simplistic and not the point. CISOs are supposed to hold up a stop sign when the organization embarks on initiatives that exacerbate cyber risk but this assumes that they understand the IT initiatives and business processes involved. Based upon cybersecurity history, this may be a bold supposition. Modern CISOs have to approach business enablement in two distinct ways: 1) Business process expertise, and 2) Cybersecurity services that can support business initiatives. The latter requirement could include a flexible infrastructure for Identity and Access Management (IAM), flexible security services that are extensible to IaaS and SaaS infrastructure, fine-grained network access control policies/enforcement, and strong data security and enterprise Digital Rights Management (eDRM). In aggregate, it’s not about holding back the business, it’s about enabling the business to be creative while constantly managing IT risk.
Topics: Cybersecurity Information and Risk Management Security and Privacy CISO

IT Selfies: Operational Analytics Come Into Focus

If you're reading this blog, statistically it is highly probable that you work in IT like me, the lone anomaly being my mother (hi, mom!). And if you are like me, you probably got into IT not so much because it's a sexy topic for cocktail parties, but because of all the cool techie toys, a love of science fiction, and a keen desire to understand how things work.

Topics: Analytics Big Data Data Management & Analytics Hadoop Enterprise Software operations

Workload-enabled Data Protection is the Future … and that is a good thing

When asked “what is the future for data center data protection?” my most frequent answer is that DP becomes less about dedicated backup admins with dedicated backup infrastructure … and more about DP savvy being part of the production workload, co-managed by the DP and workload administrators.

  • In the last few years, we’ve seen a few examples of that with DBAs using Oracle RMAN to do backups that aren’t rogue outside of corporate data protection mandates, but in concert with them – and stored in the same deduplicated solution as the rest of the backups (e.g., DDboost for Oracle RMAN).
  • More recently, we are seeing more examples of VMware administrators getting similar functionality, including not only VMware’s own VDPA/VDPA+, but also traditional backup engines that are being controlled through vCenter plug-ins to give the virtualization admin their own solution.

EMC’s announcement of ProtectPoint is another step in that evolutionary journey, enabling VMAX production storage to go directly to Data Domain protection storage, thereby giving yet another group of IT Pros more direct control of their own protection/recovery destiny, while at the same time extending the agility and sphere of influence of data protection professionals.

To be clear, as workload owner enablement continues to evolve, the role of the “Data Protection Manager” (formerly known as the “backup administrator”) also evolves – but it does not and cannot go away. DPMs should be thrilled to be out of some of the mundane aspects of tactical data protection and even more elated that the technology innovations like snap-to-dedupe integration, application-integration, etc. create real partnerships between the workload owners and the data protection professionals. And it does need to be a partnership, because while the technical crossovers are nice, they must be coupled with shared responsibility.

If the legacy backup admin simply abdicates the role of protecting data to the workload owner, because she now has a direct UI, many backups will simply stop being done – because the tactical ability to back up and the strategic mindset of understanding business and regulatory retention requirements are very different. The “Data Protection Manager” should be just that, the role that manages or ensures that data protection occurs – regardless of whether they enact it themselves (using traditional backup tools) or enable it through integrated data protection infrastructure that is shared with the workload owners.

Some naysayers will be concerned that as the workload owners gain tools that enable their own backups, the DP admin role diminishes – but there is a wide range of behaviors that are enabled by this evolution:

Some workload owners will wholly take on the DP mantle, but the DP manager will still need to “inspect what they expect” so that corporate retention and BC/DR mandates still happen.

Some workload owners will be grateful to drive their own restore experiences, but happily rely on the DP managers to manage the backups beforehand.

Some workload owners will recognize that they are so busy managing the workloads, the DP admins will continue to do the backups and restores – but now with better backups/snaps that continue to be even more workload-savvy.

And there are likely other variations of those workload owner/DP Manager partnerships beyond these. But any way that you look at it, the evolution and collaboration of workload-enhanced data protection that can be shared between the workload owner(s) and the data protection managers is a good thing that should continue.

Topics: EMC Data Protection JBuff Information and Risk Management Jason Buffington

EMC Opens the Cloud Gateway with TwinStrata Acquisition

The market has been waiting for EMC to acquire a cloud gateway company, but for years the speculation was it would be acquired by the cloud division as a data onboarding tool for Atmos. Today EMC announced the acquisition of Natick MA- based TwinStrata by the storage division as a part of its VMAX strategy. This is indeed an intriguing and smart move. EMC VMAX embedding a gateway allows EMC to leverage its FAST tiering technology to add a cloud tier. Of course, there is certainly broader potential for the technology to be leveraged across EMC divisions longer term. This will just be the first instantiation of the technology. It also fits well with the cloud-like attributes of the new, third generation VMAX, which introduces storage services and flexible CUP resources that can be allocated in an elastic manner to support front or back-end storage processes.

Topics: Storage EMC IT Infrastructure VMAX Cloud Gateway

Board of Directors Will Have a Profound Impact on Cybersecurity

According to a recent article in the Wall Street Journal, corporate boards are getting much more involved in cybersecurity. What’s driving this behavior? While the Target breach probably influenced this behavior, corporate boards now realize that cybersecurity has become a pervasive risk that could have an adverse impact on all businesses. This is consistent with recent ESG research where 29% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) said that executive management (and the corporate board) is much more engaged in cybersecurity situational awareness and strategy than it was two years ago, while another 40% stated that executive management (and the corporate board) is somewhat more engaged in cybersecurity situational awareness and strategy than it was two years ago.

What does this mean? Further board-level participation in all things cybersecurity has several ramifications for the infosec community at large (i.e., security professionals, product vendors, service providers, researchers, etc.):

Topics: Information and Risk Management Security and Privacy

We Built This Country on Rock & Roll

As we are now enjoying the lovely Independence Day holiday weekend, it's always nice to reflect back on what makes America so special a place in the world. No, not U.S. Soccer's latest performance in the footy cup, though Tim Howard was indeed heroic. Instead, I'm referring to some special documents that laid the groundwork for the last couple hundred years: the Declaration and the Constitution. If you haven't read these lately, I highly recommend taking the time. These pieces respectively show that sometimes, you need to break history to reinvent a better result, and that foresight and planning can serve extremely well as a roadmap for the future. There are some valuable lessons to be learned and relearned, and I contend these are relevant to big data initiatives today.

Topics: Analytics Big Data Data Management & Analytics Enterprise Software business intelligence

Big Data Security Analytics Mantra: Collect and Analyze Everything

In a recent research survey, ESG asked security professionals to identify the most important type of data for use in malware detection and analysis (see the full report, Advanced Malware Detection and Protection Trends). The responses were as follows:

Topics: Data Management & Analytics Information and Risk Management Enterprise Software Security and Privacy