Doug Cahill

Doug is a senior analyst covering cybersecurity at ESG, drawing upon more than 25 years of industry experience across a broad range of cloud, host, and network-based products and markets.
Prior to joining ESG, Doug held executive leadership positions at security firms Threat Stack and Bit9, where he launched market leading products and forged strategic partnerships. Over the years, Doug has also served in product management, marketing, and business development roles for storage management, networking, and database vendors, and started his career in IT as a business analyst.
Doug has a B.A. from the University of Massachusetts, Amherst, and enjoys spending time in the northern New England mountains and lakes.

Recent Posts by Doug Cahill:

The State of Constant Change in Endpoint Security

Endpoint security is one of the most dynamic areas of cybersecurity and one that is in a state of constant change. To combat both the relatively pedestrian and more sophisticated range of attacks, most organizations, according to research conducted by the Enterprise Strategy Group, are implementing multiple compensating measures. The actions taken to improve endpoint security span the dimensions of processes, skills, and technologies. In fact, ESG’s research reveals that 69% of organizations regularly reevaluate the effectiveness of their endpoint security strategies. Why all the attention on endpoint security? The epidemic levels of ransomware experienced in 2016 through 2017, which are sure to extend into this year, served as a catalyst for many IT and cybersecurity professionals to rethink how they secure their endpoints.

Topics: Cybersecurity endpoint security

Ransomware Research Highlights (Video)

Ransomware incidents reached epidemic levels in 2016 with high profile attacks on health care organizations highlighting the operational impacts of cyber extortion by impeding the ability of some targeted organizations to deliver patient care. Cybercriminals continued to employ tried and true attack vectors and methods, principally phishing, to execute a transactional ransomware business model across multiple industries. 

Topics: Cybersecurity ransomware

Key Cybersecurity Findings from ESG’s 2018 IT Spending Intentions Research (Video)

ESG recently completed our annual IT spending intentions research in which the study gauged not only spending plans, but top of mind IT and cybersecurity considerations for economic buyers. With strengthening cybersecurity tools and process being the most important IT meta-trend, and cybersecurity the largest area of projected incremental spend, this video blog explores the dynamics that are driving cybersecurity priorities, including: 

Topics: Cybersecurity cybersecurity skills shortage IT Spending Intentions ransomware SOAPA GDPR

2018 Cybersecurity Radar Screen (Video)

In this video blog, ESG’s cybersecurity analysts, Jon Oltsik and myself, share some of the cybersecurity developments on our radar screen that we expect to be especially relevant in 2018 including: 

  • Cloud computing chaos and how cloud services will become more prominent in addressing – and spawning – threats and vulnerabilities, including the need to better protect data resident in poorly configured AWS S3 buckets.

Topics: Cybersecurity SOAPA security operations and analytic platform 2018 Predictions

S3 Security Front and Center at AWS re:Invent

Man, talk about the proverbial firehose. AWS re:Invent 2017 proved to be a wide open torrent of announcements from AWS and the partner ecosystem alike, making recap blogs such as this a bit of a mission impossible. For starters, AWS’s security announcements included:

Topics: AWS re:Invent

The Drivers of Change in Endpoint Security

I guess I still think like a product manager. In my last blog, the first of a few analyzing key findings from ESG’s recent endpoint security research, I shared my take on the net-net design center for contemporary endpoint security solutions, one that serves two masters – efficacy and efficiency. The state of endpoint security can be characterized as one of constant change in which organizations are implementing compensating measures to improve both the efficacy and efficiency. But what factors are driving the “efficient efficacy” market requirement?

With respect to efficacy, ESG’s endpoint security research highlights that customers have experienced, and are concerned about, a diverse range of threats:

Topics: Cybersecurity endpoint security

Endpoint Security: The Efficient Efficacy Design Center

Efficacy and efficiency can no longer be mutually exclusive outcomes when it comes to endpoint security. Yes, organizations want their cake and they absolutely want to eat it too – they want to detect and stop more threats, but can’t incur much heavy lifting in the process. According to recent research conducted by ESG, while organizations report poor efficacy, as expressed in their antivirus software being unable to detect and prevent new and unknown threats as an endpoint security challenge, four other issues, all operational in nature, topped efficacy as pain points, including:

Topics: Cybersecurity endpoint security

Black Hat 2017: Disruption in the Wind

Such blogs typically offer 3 or 4 takeaways from seminal industry events; I have one from Black Hat 2017—disruption of core cybersecurity markets is in the air.

Topics: Cybersecurity Black Hat

ESG Cybersecurity Research and a Preview of Black Hat USA 2017 (Video)

In this video blog, my colleague Jon Oltsik and I discuss some of the insights from ESG’s cybersecurity research we expect to be topical at Black Hat USA 2017, including:

  • The challenges and solutions around security operations and analytics and the need for a security operations and analytics platform architecture (SOAPA).
  • The constant state of change in the endpoint security landscape in which organizations regularly re-evaluate processes, technologies, and vendors.

Topics: Cybersecurity hybrid cloud SOAPA security operations analytics platform Black Hat 2017

The Role of Standards in a Security Ops and Analytics Platform Architecture (Video)

In this second of a two-part video series, Mike Viscuso, Carbon Black CTO, and I pull on more SOAPA (security operations and analytics platform architecture) threads, including the role of SIEM in the next-gen SOC. Because it is in the context of SIEMs that we’ve seen the adoption of standard formats such as CEF and LEEF for alert propagation and STIX and TAXII for threat intelligence sharing, we explore not only the need for more such standards but the factors that lead to adoption. We then discuss user behavior analytics (UBA) data enriched with other sensor data as an example of how a reference architecture like SOAPA makes data actionable, in this case to thwart the insider threat. We wrap up with a view into the future with respect to possible industry consolidation and the emergence of cybersecurity platforms to relieve point tool fatigue, a theme Mike challenges, noting the need for ongoing innovation to counter the motivated adversary.

Topics: Cybersecurity SIEM SOAPA security operations and analytic platform