Enterprise Organizations Need Formal Incident Response Programs

I spent the early part of my IT career in the storage industry, mostly with EMC Corporation. Back then, large storage subsystems were equated with IBM mainframe computers, with a heavy emphasis on the financial services market.


The Emerging Cybersecurity Software Architecture

It’s been a busy week for the information cybersecurity industry. FireEye announced the acquisition of nPulse, which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy that combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec security leaders are moving in this direction as the whole industry is on the same path. I’ve written about this trend a few times. I wrote a blog about the integrated anti-malware technology model in March, and this one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.


Enterprise CISO Challenges In 2014

I’m sure lots of CISOs spent this week meeting with their teams, reviewing their 2013 performance, and solidifying plans for 2014. Good idea from my perspective. The CISOs I’ve spoken with recently know exactly what they have to do but aren’t nearly as certain about how to do it.

At a high level, here’s what I’m hearing around CISO goals and the associated challenges ahead this year:

  1. Improve risk management. This translates into threat/vulnerability measurement, threat prevention, and ongoing communication with the business mucky mucks. The problem here is that their networks are constantly changing, scans are done on a scheduled rather than real-time basis, and the threat landscape is dangerous, sophisticated, and mysterious.

New Year’s Forecast for the Information Security Industry: Part 1

I hope my cybersecurity colleagues enjoyed their holiday these past few weeks. It was surely well deserved as the year 2013 will be remembered as a whirlwind of activity featuring successful IPOs and scary security incidents. Given this, it’s likely that security professionals spent the last few weeks with one eye on family and holidays and another on emerging details about the massive breach at Target.

So what’s in store for the information security industry in 2014? On the surface, it should be a happy new year across the board for security technology vendors, MSSPs, and professional service firms. That said, there is a lot of work ahead as enterprise organizations figure out how to transform an army of point tools and manual processes into a cohesive security strategy.


CloudWorld … I mean ... DellWorld

Last week was Dell’s annual user conference in Austin and while the weather was a bit cooler than I expected there – things are definitely heating up for Dell.

Cloud Partner Program – Dell announced expansions of its partner program, which now includes Microsoft Windows Azure, CenturyLink, Google, and Accenture. They already had Peer1, Joyent, ScaleMatrix, and Zerolag. Here’s why I think these relationships are important:

  • Windows Azure – What better way to be part of a native hybrid cloud offering? Windows Server on-premises built on Dell systems (think Azure Cloud-in-a-Box) connected to Windows Azure public cloud and using Cloud Manager (formerly Enstratius) to manage it all. Cool beans if you ask me.
  • CenturyLink – Savvis and Tier 3 are now all folded into CenturyLink's cloud offering with CenturyLink bringing the pipes, Savvis the data centers, and Tier 3 the cloud services. This today includes VMware and OpenStack service and my gut tells me Windows Azure is not too far away. Again, this provides a good set of opportunities for Dell including cloud-in-a-Box on-prem to connect a hybrid solution with CenturyLink based on VMware, OpenStack, or Azure.
  • Google – This is a win for Google and for Dell. For Google, it creates the momentum they need from the enterprise to be connected and hybridized with Google’s public IaaS and PaaS offerings. Google brings Android as well so there are many architectures and components that can be put to use. For Dell, it allows them to again create opportunities with their customers to help them enjoy the benefits of a hybrid cloud using Google for public and cloud-of-your-choosing-in-a-Box on-premises. All managed by Dell Cloud Manager.
  • Accenture – Big Enterprise? Dell Customer? Does your CIO have an ITaaS or Cloud Strategy – then let Accenture and Dell help you design, implement, build, and even manage your cloud for you. If you’ve been sitting on the fence worried about security, governance, and usage models – this is a great way to go.

The Security Industry Remains Strong with Computer Science but Weak on IT

Last week, I was in Silicon Valley meeting with a parade of CISOs and security vendors. Business travel is no “day at the beach,” but these trips really help me keep up with the latest enterprise security challenges and potential technology solutions.

It was also nice to spend time in the Valley and re-charge my batteries toward the security industry. There was a lot of excitement out there as a result of business growth, VC investment, and the wildly successful FireEye IPO.
