2018: The Year of Advanced Threat Prevention

A few years ago, the cybersecurity industry adopted a new mindset that went something like this: 

Topics: Cybersecurity threat intelligence antivirus micro-segmentation next-generation endpoint security DNS

The Case Against AWS – And It’s Not AWS' Fault

Recently the NSA, a highly secure US government entity, left an unprotected disk image loaded with classified information right out in public on AWS. 

Topics: Cybersecurity AWS nsa

AWS Is Not Slowing Down at re:Invent (with Video)

AWS, as an established public cloud leader, can afford to rest on its laurels, but with competitors sprinting behind it, it is not slowing down in any way. During the Global Partner Summit at the re:Invent trade show, there were numerous announcements, including the Networking Competency for AWS Partners and the availability of PrivateLink for customer and partner network services.

Are there any patterns I see?

Topics: Cloud Computing AWS re:Invent

Cybersecurity Professional Recruitment Chaos

Here’s a quick review of some of the cybersecurity skills shortage data I’ve cited in recent blogs:

  1. According to ESG research from early 2017, 45% of organizations claim to have a problematic shortage of cybersecurity skills.
  2. In a recent research project conducted by ESG and the Information Systems Security Association (ISSA), 70% of cybersecurity professionals say that the cybersecurity skills shortage has had an impact on their organization. The skills shortage has led to an increasing workload on existing staff, the need to hire and train junior employees due to the lack of experienced talent, and a situation where the cybersecurity staff spends most of its time on emergency issues and very little time on proactive strategic planning or training.

Topics: Cybersecurity cybersecurity skills shortage ISSA

Motive, Means, and Opportunity for Evaluating HCI Performance

With all the hype surrounding hyperconverged infrastructure (HCI), ESG’s technical validation practice has been busy evaluating various HCI solutions.

Motive

According to my colleagues Mike Leone, Edwin Yuen, and Terri McClure, organizations are now confident enough in HCI that they’re deploying HCI as their primary infrastructure housing their tier-1 applications. Thus, buying criteria has evolved from answering “Can this offering support my applications?” to “How well can it support my application?”

Topics: Converged Infrastructure ESG Lab hyperconverged infrastructure performance

Enterprises Must Address Internet of Identities Challenges

As November ends, everyone and their brother/sister will be writing about their IT and security predictions for 2018. Here’s a no-brainer from me: We’ll see massive proliferation of IoT devices on the network next year. Some of these will be general purpose like IP cameras, smart thermostats, smart electric meters, etc., but many others will be industry-specific sensors, actuators, and data collectors.

Topics: Cybersecurity Internet of Things IoT Mark Bowker IAM Internet of Identities

Facing the Hybrid Cloud Reality

Public cloud has its pros and cons, but enterprises today can't afford to be anti-cloud.

After I moderated a panel discussion at Interop ITX titled "Cloud Adoption Experiences: Backlash or Goodness?" some attendees said they were disappointed that all three panelists were enthusiastic about using a public cloud provider. Were they expecting a spirited debate or even fight on stage, or were they looking for a way to justify their existing systems? Ultimately, the feedback indicated that attendees need to understand the pros and cons of public cloud to make their IT decisions. They’re looking to do the right thing for their organizations.

Read the rest on Network Computing.

Topics: Cloud Computing

DevOps Myths and Realities: Why the Key to DevOps is Understanding What it is First (Video)

Now more than ever, the IT world is a giant game of buzzword bingo, where vendors are adopting hot buzzwords for their products like they are writing an online dating profile. One of the biggest buzzwords that I run into is DevOps. There probably isn't an application or management product out there that doesn't claim to be DevOps or enable DevOps.

Topics: DevOps Systems Management

The Cybersecurity Skills Shortage Acts as A Root Cause for Security Events

ESG recently published a new research report titled, The Life and Times of Cybersecurity Professionals, with its research partner, the Information Systems Security Association (ISSA). 

The research looks closely at the ramifications of the cybersecurity skills shortage – beyond the obvious conclusion that there are more cybersecurity jobs than people with the right skills and background to fill these jobs.

Topics: Cybersecurity cybersecurity skills shortage incident response ISSA

SOAPA Video with Arbor Networks (Part 2)

In the second part of my SOAPA video with Arabella Hallawell from Arbor Networks, we discuss:

  1. SOAPA technology integration. Arbor Networks partners with lots of network service providers, giving the company a bird’s eye view of Internet traffic. The company uses this position to monitor, collect, and curate threat intelligence through its ASERT team. As part of its network security analytics products and services, it adds CTI to give customers an understanding of malicious activities happening inside and outside of their networks. Of course, integrating internal network telemetry and CTI is one of the principles of SOAPA.

Topics: Cybersecurity security operations cyber threat intelligence network security analytics SOAPA Arbor Networks Arabella Hallawell

Acute Cybersecurity Skills Shortage Areas

In my last blog, I reviewed some new research from ESG and the Information Systems Security Association (ISSA), revealing that 70% of cybersecurity pros say that the global cybersecurity skills shortage has impacted their organizations. Based upon this and other similar research, I’m convinced that the cybersecurity skills shortage represents an existential risk to our data, businesses, and national security.

Topics: Cybersecurity security analytics security operations cloud security application security ISSA security investigations

New Research Confirms the Cybersecurity Skills Shortage Is an Existential Threat

I’ve been writing about the cybersecurity skills shortage for 7 years, clucking like a digital "chicken little" to anyone who would listen. If you’ve followed my blogs, you probably know that ESG research from early 2017 indicated that 45% of organizations said they have a problematic shortage of cybersecurity skills. This data represents large and small organizations across all geographic regions so the cybersecurity skills shortage can be considered a pervasive global issue.

Topics: Cybersecurity cybersecurity skills shortage ISSA

Understanding The Hype Around Hyperconverged Infrastructure

There is a lot of hype around hyperconverged infrastructure (HCI). All the big vendors and a number of lesser-known smaller ones are in the game. Dell EMC has doubled down on its HCI portfolio investments; NetApp is entering the market leveraging its SolidFire technology; HPE is investing in growing its SimpliVity line; Cisco acquired Springpath so it could offer its own line, but it also partners with Nutanix, HPE and just about everyone else! Speaking of Nutanix, it was a category pioneer (along with SimpliVity) and its Dell EMC branded business is still growing, even though Dell EMC has somewhat competing products with VxRack and VxRail (the 3 HCI products serve different use cases - a topic for another blog!). Nutanix is also doing a healthy business through Lenovo and its channel partners and it has an agreement with IBM to offer its HCI on Power systems. Lesser-known (but fast growing) Pivot3 just announced 50% growth in bookings! Hitachi Vantara has a product it is also leveraging for Lumada IoT, and VMware sells vSAN for HCI use cases. I'm still just scratching the surface - I know I've left some vendors out - it's a long list!

Topics: Storage HCI Systems Management hyperconverged infrastructure

SOAPA Video with Arbor Networks (Part 1)

Next up on the SOAPA video series is Arabella Hallawell, Sr. Director of Product Marketing at Arbor Networks. I first met Arbor Networks back in 2003 when it was a leading provider of network behavior anomaly detection (NBAD) tools and the company has been a steady player in network security ever since. Today, Arbor Networks is a leading provider of products and services for DDoS protection, network security analytics, threat intelligence, etc. 

Topics: Cybersecurity SIEM network security analytics network security operations SOAPA SOC Arbor Networks

Cybersecurity, Mobility, and the Expanding Perimeter (Video)

As businesses lose control of devices and rapidly adopt cloud consumption models, identity and data have become the new perimeter for IT operations and information security teams to secure and protect. My colleague Jon Oltsik and I sit down together to highlight how mobility, identity, and security are creating technology challenges, organizational barriers, and business risks as the security perimeter expands at a faster pace than business can keep up with. The discussion sparks attention towards the IT vendors that are attempting to enhance security postures from within a silo as opposed to the new purview businesses are dealing with today.

Topics: Cybersecurity identity and access management Enterprise Mobility

SOAPA Video with Siemplify (Part 2)

Siemplify, like other companies I’ve interviewed, is a security operations technology company. What sets Siemplify apart, however, is the background of its founders. This team isn’t composed of serial startup technologists from Silicon Valley, but rather cybersecurity experts from Israel. In fact, Amos Stern spent a good portion of his career as a security analyst, building SOCs, and training security personnel.

Topics: Cybersecurity SIEM security operations SOAPA Siemplify security operations automation and orchestration

Do you want to deploy HCI? How do you compare solutions?

Hyperconverged infrastructures (HCI) are one of the drivers of the current data center revolution—39% of organizations have already deployed their first HCI solution.

Topics: hyperconverged infrastructure

Identity and Access Management (IAM) Has Been in Babysitting Mode for Years...Something Must Change!

IAM creates the first link in the “chain of trust” when a user, device, or a connected thing authenticates with a trusted source. Establishing this initial handshake is critical since it initializes the path to access and authorization—no wonder IAM has quickly become a renewed focal point for IT operations and information security professionals. To that end, ESG recently completed an IAM research study to validate existing business pain points around authentication, IAM professional white board priorities, and opportunities for IAM vendors to differentiate themselves amongst the countless tools littering a complex IAM landscape that are leading to buyer confusion.

Topics: identity and access management

The Cybersecurity Skills Shortage Impacts Security Operations

According to ESG research, 45% of organizations report having a problematic shortage of cybersecurity skills in 2017. Of course, this applies to all areas of cybersecurity but recent ESG research shows that the skills shortage has a direct impact on security analytics and operations. The research reveals that:

  • 54% of organizations say they don’t have the appropriate security operations skills for an organization of their size.
  • 57% of organizations say they don’t have appropriate security operations staffing for an organization of their size.

Topics: Cybersecurity SIEM incident response security operations threat hunting computer forensics

The Drivers of Change in Endpoint Security

I guess I still think like a product manager. In my last blog, the first of a few analyzing key findings from ESG’s recent endpoint security, I shared my take on the net-net design center for contemporary endpoint security solutions, one that serves two masters – efficacy and efficiency. The state of endpoint security can be characterized as one of constant change in which organizations are implementing compensating measures to improve both the efficacy and efficiency. But what factors are driving the “efficient efficacy” market requirement?

With respect to efficacy, ESG’s endpoint security research highlights that customers have experienced, and are concerned about, a diverse range of threats:

Topics: Cybersecurity endpoint security

Dell EMC - Guaranteed to Please?

Dell EMC made a broad swathe of announcements pertaining to its midrange storage systems this week.

Aside from the product news (and there’s certainly some important technological advances/catch-ups in the announcement*) there’s notable news on the commercial front, with Dell EMC launching its full blown “Future Proof Storage Loyalty Program.” It is a mix of assurances, flexibility, and guarantees - and I think one would have to say that objectively it’s pretty darned good. Certainly, having such assurances from a market leader like Dell EMC will be especially welcome for its myriad users (and channel partners too, I would imagine). 

Topics: Storage Future Proof Storage Loyalty Program

Dell EMC Updates its Midrange for a Flash Storage-defined World

Today Dell EMC announced an update to its midrange storage portfolio. And with the addition of several new and compelling features to both Unity and SC, Dell EMC reaffirms its commitment to both midrange product lines.

So what's new?

For the SC family, Dell EMC introduces two options, the SC5020F and the SC7020F. The takeaway here is the move to flash, with Dell EMC claiming all-flash performance of up to 399,000 IOPS per array and 3.9 million aggregate IOPS per multi-array federated cluster. As part of the SC family, the SC5020F and SC7020F support the core SC functionality, such as federated clusters for scalability, data deduplication and compression, along with an all-inclusive software model.

Topics: Storage dell-emc All-Flash Array

Identity Management To-Do List Aligns with Cybersecurity

My colleague Mark Bowker just completed some comprehensive research on identity and access management (IAM) challenges, plans, and strategies at enterprise organizations. As a cybersecurity professional, I welcome this data. Identity management should be a major component of an enterprise risk management strategy, yet IAM technology decisions are often treated tactically or left to application developers or IT operations staff who don’t always prioritize security in their planning.

Topics: Cybersecurity Mark Bowker IAM identity and access management

SOAPA Video with Siemplify (Part 1)

As part of the ESG SOAPA video series, Amos Stern, CEO of Siemplify, stopped by the ESG studio last week to join the discussion. Not familiar with Siemplify? The company was founded by a team of experienced security operations experts who believe that security operations technology should be easier, provide greater integration, and align better with SOC processes. Based upon these goals, Siemplify offers a product called ThreatNexus, a security operations platform designed to help analysts manage, investigate, automate, and centralize security operations.

Topics: Cybersecurity SIEM security operations incident response automation and orchestration SOAPA SOC Siemplify security operations center

SOAPA Video with ThetaPoint (Part 2)

PJ Bihuniak, COO of ThetaPoint, has a wealth of experience and knowledge in security operation, going back to his time at ArcSight. PJ is still active in this area, as ThetaPoint specializes in professional and managed services for security operations. It was great having him participate in the ESG SOAPA video series.

In part 2 of our video, PJ and I discussed:

Topics: Cybersecurity SIEM SOAPA ThetaPoint

VMware’s Intention to Acquire VeloCloud: What does it mean?

The announcement of VMware’s intention to acquire VeloCloud signals the broadening of the NSX Everywhere story. SD-WAN is a solution that offers agility, security, orchestration, and other business outcomes for remote and branch offices. It should not be considered just an MPLS replacement for the WAN with savings on bandwidth costs. 

At a core level, both NSX and VeloCloud’s products are based on an overlay network, which offers the flexibility to treat a logical network separately from the physical network, and this core concept has been popularized for many years via MPLS. Ironically, it’s the perceived lack of flexibility and costs of MPLS that have become the initial drivers for the popularization of SD-WAN, which promised to modernize the branch networks and WAN.

Topics: Cloud Computing Networking

Storage Trends Research – Data Center Storage Technology Revolution (#4 in a series) - includes video

ESG recently completed in-depth research on the state of the storage market; its own technologies and market trends as well as its key intersections to other notable IT implementations and shifts. We are presenting some of the extended highlights from the findings in multiple ESG Briefs (each focused on a particular topic), as well as tighter summaries of those Briefs in accompanying ESG videos. These will be rolling out over the next few weeks and we’ll capture all the available links in these blogs each time a new piece is posted.

Topics: Storage data center

Endpoint Security Needs “Efficient Efficacy”

As we ease into 2018, endpoint security technology is in play. Next-generation players like Barkly, Cylance, and SentinelOne offer products based upon machine learning algorithms to block traditional and new types of threats. EDR experts like Carbon Black, CrowdStrike, and Cybereason monitor PC behavior looking for anomalous activity. Meanwhile, traditional vendors like McAfee, Sophos, Symantec, Trend Micro, and Webroot are buying companies and adding new functionality to their products to provide a one-stop endpoint security shop.

Topics: Cybersecurity endpoint security antivirus

Enterprise Networks and Telco Clouds on a Collision Course

The Internet of Things will move more processing to telecom suppliers' facilities.

Network engineers have traditionally treated networks managed by their telecom suppliers as outside their immediate domain of concern. The telco network was brought into the data center, appropriate routes or peering set up, and that was it.

Topics: Cloud Computing Networking IoT telco cloud