Most Recent Blogs

Endpoint Security in 2017

Posted: January 17, 2017   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, endpoint security, antivirus, Anti-malware


network_connectivity.jpgJust a few years ago, there were about 6 to 10 well regarded AV vendors that dominated the market. Fast forward to 2017 and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. 

Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches, and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Rd. to throw VC dollars at anything that hinted at endpoint security innovation.

Okay, I get the need for more than signature-based AV but there simply isn’t room in the market for 50 endpoint security vendors. Thus, it’s safe to assume a lot of M&A activity and outright business failures this year. 

Read More

Some Thoughts for Millennials that Diss Antivirus

Posted: October 27, 2015   /   By: Kyle Prigmore   /   Tags: Cybersecurity, Security, endpoint security, antivirus, Anti-malware, cyber crime

blameMy generation can get awfully snarky about antivirus: go on reddit, search for the topic, and you’ll find some arrogant responses along the lines of “antivirus is just adware and all I need is Malwarebytes”.

Well hey, good for you, and Malwarebytes is great (I use it too). But we millennials have a harder time remembering what the internet was like before AV came along, a time when any email or misclicked website could brick your computer. Now with the rise of ransomware and targeted attacks putting entire devices at risk once more, we have somehow resorted to blaming antivirus for not being effective enough at blocking these attacks. It’s unfair and short-sighted, and the popularity of the “AV is unnecessary” trend remains perpetually premature.

Read More

FireEye Myth and Reality

Posted: October 15, 2015   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, malware, cybercrime, Anti-malware

securesurfaceSome tech companies are always associated with their first acts. Dell just acquired my first employer, EMC Corporation, in order to expand its enterprise portfolio, yet the company will always be linked with personal computers and its founder’s dorm room. F5 has become a nexus that brings together networks and applications but will always retain the moniker of a load balancing company. Bit9 has established itself as a major next-generation endpoint player, yet some people can only think of its original focus on white listing.

Read More

Is Cisco Back (as an Enterprise Security Leader)?

Posted: May 22, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Cisco, Hadoop, Networking, Information and Risk Management, Juniper, Sourcefire, FireEye, HP, McAfee, Security and Privacy, Security, CiscoLive, trend micro, Symantec, Blue Coat, TrustSec, Crossbeam, Mergers / Acquisitions, Anti-malware

It wasn’t too long ago that Cisco was a dominant force in information security technology. The company was a market leader in firewalls, IDS/IPS, and e-mail security and was actively pushing products for endpoint security and SIEM as well as security “blades” for Catalyst switches. Heck, Cisco even articulated a bold vision of “self-defending networks” with security policy, enforcement, and intelligence all baked into the network.

Somewhere around 2008, however, Cisco security went into a prolonged slump. Cisco security products didn’t offer the performance of rivals like Crossbeam (now Blue Coat), Juniper, or McAfee. Cisco missed markets like next-generation firewalls, opening the door for savvy startups like FireEye, Palo Alto Networks, and Stonesoft. Cisco products such as the Cisco Security Agent (Okena) and MARS (Protego) were abject failures and discontinued by the company. Finally, Cisco’s security team itself imploded as management and engineering leaders fled San Jose for greener valley pastures.

Read More

Big Data Security Analytics Meets Identity and Access Management (IAM)

Posted: May 19, 2014   /   By: Jon Oltsik   /   Tags: IBM, End-User Computing, Data Management & Analytics, Information and Risk Management, Enterprise Software, Security and Privacy, Security, big data security analytics, Courion, Sailpoint, compliance, IAM, Governance, cybercrime, Anti-malware

While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today’s dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data.

In the majority of cases, big data security analytics systems are applied to data such as network packets, packet metadata, e-mails, and transaction systems to help security teams detect malware, phishing sites, and online fraud. Great start, but I’m starting to see another burgeoning focus area – IAM. Of course, many large organizations have IAM tools for user provisioning, SSO, and identity governance, but tracking all the instantiations of user activity remains elusive. In a recent ESG research survey, security professionals were asked to identify their weakest area of security monitoring. More than one-quarter (28%) pointed to “user behavior activity monitoring/visibility,” – the highest percentage of all categories.

Read More

The Emerging Cybersecurity Software Architecture

Posted: May 08, 2014   /   By: Jon Oltsik   /   Tags: IBM, Microsoft, Check Point, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, McAfee, Oracle, Security and Privacy, Security, Apache, SIEM, Mitre, Kaspersky, ERP, Raytheon, Proofpoint, Lockheed, IDS, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, AV, CSC, Anti-malware

It’s been a busy week for the information cybersecurity industry. FireEye announced the acquisition of nPulse which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security, and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy that combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec security leaders are moving in this direction as the whole industry is on the same path. I’ve written about this trend a few times. I wrote a security-vendors-are-racing-toward-a-new-anti-malware-technology-model/index.html" target="_blank">blog about the integrated anti-malware technology model in March, and this the-new-cybersecurity-technology-reality-the-whole-is-greater-than-the-sum-of-its-parts/index.html">one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.

Read More

Antivirus Software Is Not Quite Dead Yet

Posted: May 06, 2014   /   By: Jon Oltsik   /   Tags: End-User Computing, Palo Alto Networks, Cisco, Information and Risk Management, Sourcefire, FireEye, McAfee, Security and Privacy, Security, endpoint security, Malwarebytes, Kaspersky, Triumfant, Guidance Software, Crowdstrike, trend micro, Symantec, RSA Security, Cylance, Bit9, Carbon Black, Anti-malware

In a Wall Street Journal article published earlier this week, Symantec SVP Brian Dye, is quoted as saying that “antivirus is dead.” Dye goes on to proclaim that “we (Symantec) don’t think of antivirus as a moneymaker in any way.”

I beg your pardon, Brian? Isn’t Symantec the market leader? Just what are you saying? In lieu of specific answers to these questions, the blogosphere and Twitter have become a grapevine of rumors – about Symantec, AV, etc. Panic and wild predictions abound. Dogs and cats living together in the streets . . .

Read More

CISOs Must “Think Different”

Posted: April 15, 2014   /   By: Jon Oltsik   /   Tags: IBM, Apple, Cybersecurity, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, McAfee, Security and Privacy, Security, endpoint security, SIEM, ArcSight, Blue Coat, RSA Security, CISO, Anti-malware, NetWitness, IDS/IPS, Firewall & UTM

Remember the “Think Different” advertising campaign from Apple? It ran from 1997 to 2000 and featured bigger-than-life personalities like Buckminster Fuller, Martin Luther King, and Pablo Picasso.

The “Think Different” ads coincided with Steve Jobs’s return to Apple as well as his somewhat contrarian and analytical mindset. In a PBS interview, Jobs offered this philosophical insight about life:

Read More

Managing IT Risk Associated with Mobile Computing Security

Posted: April 08, 2014   /   By: Jon Oltsik   /   Tags: IBM, End-User Computing, Check Point, Fortinet, Cisco, Information and Risk Management, mobile, Security and Privacy, Security, BYOD, Citrix, data security, Fiberlink, android, Dropbox, Good Technology, Airwatch, Blue Coat, CISO, Bit9, Anti-malware, Facebook

When BYOD was coming to fruition a few years ago, it had a sudden and deep impact on IT risk. Why? Many CISOs I spoke with at the time said it was purely a matter of scale. All of a sudden, large enterprises had thousands of additional devices on their networks and they struggled to figure out what these devices were doing and how these activities impacted organizational risk.

Read More

The New Cybersecurity Technology Reality - the Whole Is Greater than the Sum of its Parts

Posted: April 03, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Fortinet, Cisco, Information and Risk Management, FireEye, McAfee, Security and Privacy, Security, risk management, endpoint security, Proofpoint, incident detection, incident response, Blue Coat, RSA Security, Anti-malware, incident prevention, APT

I wrote a blog last week about new integrated anti-malware technology in response to Palo Alto Network’s acquisition of Cyvera. In fact, this integrated technology model isn’t limited to anti-malware but is becoming the new reality across the cybersecurity lifecycle of risk management, incident prevention, incident detection, and incident response.

I’m convinced that this is where the market is headed, driven by burgeoning cybersecurity requirements across organizations large and small. Why do I believe this? Well, in a recent ESG research survey, 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked how their organization’s security strategy would change over the next 24 months. A little under half (44%) of respondents said that their organization would “design and build a more integrated enterprise security architecture,” the highest percentage of all responses. This trend is actually reverberating on the supply side as Blue Coat, Cisco/Sourcefire, FireEye, IBM, McAfee, PAN, and Trend Micro are all engaged in R&D and M&A activities to meet the need for technology integration.

Read More

Posts by Topic

see all