Most Recent Blogs

Enterprise Organizations Need Formal Incident Response Programs

Posted: August 13, 2014   /   By: Jon Oltsik   /   Tags: Information Security, IBM, Data Protection, Information and Risk Management, HP, Security and Privacy, incident response, SunGard, E&Y, Booz Allen, Accenture

I spent the early part of my IT career in the storage industry, mostly with EMC Corporation. Back then, large storage subsystems were equated with IBM mainframe computers, with a heavy emphasis on the financial services market.

The Emerging Cybersecurity Software Architecture

Posted: May 08, 2014   /   By: Jon Oltsik   /   Tags: IBM, Microsoft, Check Point, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, McAfee, Oracle, Security and Privacy, Security, Apache, SIEM, Mitre, Kaspersky, ERP, Raytheon, Proofpoint, Lockheed, IDS, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, AV, CSC, Anti-malware

It’s been a busy week for the information cybersecurity industry. FireEye announced the acquisition of nPulse, which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy that combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec security leaders are moving in this direction as the whole industry is on the same path. I’ve written about this trend a few times. I wrote a blog about the integrated anti-malware technology model in March, and this one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.

Enterprise CISO Challenges In 2014

Posted: January 10, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Security and Privacy, Security, risk management, Centrify, Malwarebytes, LogRhythm, bromium, 21CT, Leidos, RSA, Invincea, Accenture, ISC8, Blue Coat, CloudPassage, click security, Bit9, CSC, Hexis, HyTrust

I’m sure lots of CISOs spent this week meeting with their teams, reviewing their 2013 performance, and solidifying plans for 2014. Good idea from my perspective. The CISOs I’ve spoken with recently know exactly what they have to do but aren’t nearly as certain about how to do it.

At a high level, here’s what I’m hearing around CISO goals and the associated challenges ahead this year:

  1. Improve risk management. This translates into threat/vulnerability measurement, threat prevention, and ongoing communication with the business mucky mucks. The problem here is that their networks are constantly changing, scans are done on a scheduled rather than real-time basis, and the threat landscape is dangerous, sophisticated, and mysterious.

New Year’s Forecast for the Information Security Industry: Part 1

Posted: January 02, 2014   /   By: Jon Oltsik   /   Tags: IBM, Apple, Network Security, Cybersecurity, Check Point, Fortinet, Cisco, Information and Risk Management, FireEye, HP, Dell, McAfee, Security and Privacy, Security, Juniper Networks, Lockheed Martin, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, ARM, CSC, Intel, NIST

I hope my cybersecurity colleagues enjoyed their holiday these past few weeks. It was surely well deserved as the year 2013 will be remembered as a whirlwind of activity featuring successful IPOs and scary security incidents. Given this, it’s likely that security professionals spent the last few weeks with one eye on family and holidays and another on emerging details about the massive breach at Target.

So what’s in store for the information security industry in 2014? On the surface, it should be a happy new year across the board for security technology vendors, MSSPs, and professional service firms. That said, there is a lot of work ahead as enterprise organizations figure out how to transform an army of point tools and manual processes into a cohesive security strategy.

CloudWorld … I mean ... DellWorld

Posted: December 17, 2013   /   By: ESG   /   Tags: Cloud Computing, Azure, Microsoft, cloud, Private Cloud Infrastructure, Dell, Amazon, google, Accenture, Savvis, Red Hat, Tier 3, CenturyLink, Public Cloud Service

Last week was Dell’s annual user conference in Austin and while the weather was a bit cooler than I expected there – things are definitely heating up for Dell.

Cloud Partner Program – Dell announced expansions of its partner program, which now includes Microsoft Windows Azure, and CenturyLink, Google, and Accenture. They already had Peer1, Joyent, ScaleMatrix, and Zerolag. Here’s why I think these relationships are important:

  • Windows Azure – What better way to be part of a native hybrid cloud offering? Windows Server on-premises built on Dell systems (think Azure Cloud-in-a-Box) connected to Windows Azure public cloud and using Cloud Manager (formerly Enstratius) to manage it all. Cool beans if you ask me.
  • CenturyLink – Savvis and Tier 3 are now all folded into CenturyLink's cloud offering with CenturyLink bringing the pipes, Savvis the data centers, and Tier 3 the cloud services. This today includes VMware and OpenStack service and my gut tells me Windows Azure is not too far away. Again, this provides a good set of opportunities for Dell including cloud-in-a-Box on-prem to connect a hybrid solution with CenturyLink based on VMware, OpenStack, or Azure.
  • Google – This is a win for Google and for Dell. For Google, it creates the momentum they need from the enterprise to be connected and hybridized with Google’s public IaaS and PaaS offerings. Google brings Android as well so there are many architectures and components that can be put to use. For Dell, it allows them to again create opportunities with their customers to help them enjoy the benefits of a hybrid cloud using Google for public and cloud-of-your-choosing-in-a-Box on-premises. All managed by Dell Cloud Manager.
  • Accenture – Big Enterprise? Dell Customer? Does your CIO have an ITaaS or Cloud Strategy – then let Accenture and Dell help you design, implement, build, and even manage your cloud for you. If you’ve been sitting on the fence worried about security, governance, and usage models – this is a great way to go.

The Security Industry Remains Strong with Computer Science but Weak on IT

Posted: November 18, 2013   /   By: Jon Oltsik   /   Tags: IBM, Cybersecurity, Cisco, Information and Risk Management, FireEye, HP, Dell, Oracle, Security and Privacy, Security, Enterprise, SIEM, E&Y, Leidos, Accenture, CISO, saic, IPO, Security Management, CSC, Unisys

Last week, I was in Silicon Valley meeting with a parade of CISOs and security vendors. Business travel is no “day at the beach,” but these trips really help me keep up with the latest enterprise security challenges and potential technology solutions.

It was also nice to spend time in the Valley and re-charge my batteries toward the security industry. There was a lot of excitement out there as a result of business growth, VC investment, and the wildly successful FireEye IPO.
