Most Recent Blogs

The Emerging Cybersecurity Software Architecture

Posted: May 08, 2014   /   By: Jon Oltsik   /   Tags: IBM, Microsoft, Check Point, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, McAfee, Oracle, Security and Privacy, Security, Apache, SIEM, Mitre, Kaspersky, ERP, Raytheon, Proofpoint, Lockheed, IDS, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, AV, CSC, Anti-malware

It’s been a busy week for the cybersecurity industry. FireEye announced the acquisition of nPulse, which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy, which combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec leaders are moving in this direction, as the whole industry is on the same path. I’ve written about this trend a few times: a blog about the integrated anti-malware technology model in March, and one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.


Enterprises Need Outside-In Continuous Monitoring for Risk Management

Posted: April 24, 2014   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Cybersecurity, Information and Risk Management, Security and Privacy, Security, risk management, DHS, Booz Allen Hamilton, Lockheed Martin, RiskIQ, BitSight, Target, CSC, CDM, cyber supply chain security, Public Cloud Service

Ask any CISO what their job entails and they are likely to respond with a common mantra: Assess IT risk, communicate IT risk to business executives, and then create and execute a mutually agreed upon plan to address risk.


Advanced Malware Detection and Response and Other Cybersecurity Services on the Rise

Posted: April 22, 2014   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Cybersecurity, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Dell, Security and Privacy, Security, Mandiant, Lockheed, DHS, Barracuda, Booz Allen Hamilton, bromium, Leidos, nsa, Cylance, cybercrime, CSC, Damballa, NIST, BT, NSF, mssp

Think about all of the cybersecurity industry activity around advanced malware detection and response: what comes to mind? Most people would probably focus on technology vendors like Bromium, Cylance, Damballa, FireEye, and Palo Alto Networks, since these firms have garnered headlines, raised vast fortunes in VC funding, and even pushed through successful IPOs.


Multiple, Multipath, Multifactor, or how about Multi-Cloud?

Posted: January 20, 2014   /   By: ESG   /   Tags: IBM, Cloud Computing, cloud, Private Cloud Infrastructure, Dell, CSC, Softlayer, Ostrato, ServiceNow, Tier 3, CenturyLink, Multi-Cloud, Public Cloud Service

About this time last year, I published a report on cloud service management (Enabling IT’s Transformation to Cloud Service Provider) where I outlined the software components needed to become a cloud service provider on-premises. Primary capabilities include orchestration and automation but also things like CMDB, federation, and chargeback. Like everything in this industry, there has been a lot of change in the past year, which I will cover in detail in the update to the CSM report later this quarter. In the meantime, I thought it would be useful to write about some of the trends I’m seeing in this space:

· Hybrid Isn’t Even Table Stakes – Last year I thought it was goodness when I saw a CSM company building functionality that let an IT department manage an on-premises ‘private cloud’ and an off-premises ‘public cloud.’ Over the past year that has evolved into a requirement to manage multiple cloud types both on- and off-premises. For example, a company may have an MS Azure cloud and a VMware cloud on-premises, plus off-premises public cloud made up of a VMware cloud and AWS resources on Amazon’s cloud. This means that the CSM software has to manage all of these resources, provide a unified dashboard, rationalize pricing methods, and potentially move workloads seamlessly between clouds.


Enterprise Organizations Describe Weaknesses in Malware Detection and Protection

Posted: January 15, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Information and Risk Management, FireEye, Security and Privacy, Security, malware, Mandiant, Barracuda, Leidos, Target, cybercrime, CSC, Anti-malware, NIST, APT, Unisys, Splunk

Well, here we are halfway through January and you can’t cross the street without hearing about a malware attack or security breach somewhere – Neiman Marcus, Target, Yahoo. Yikes!

When my non-technical friends ask me what they should expect moving forward, I’m not exactly a beacon of hope. My usual response is something like, “get used to it, things will likely get worse.”


Enterprise CISO Challenges In 2014

Posted: January 10, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Security and Privacy, Security, risk management, Centrify, Malwarebytes, LogRhythm, bromium, 21CT, Leidos, RSA, Invincea, Accenture, ISC8, Blue Coat, CloudPassage, click security, Bit9, CSC, Hexis, HyTrust

I’m sure lots of CISOs spent this week meeting with their teams, reviewing their 2013 performance, and solidifying plans for 2014. Good idea from my perspective. The CISOs I’ve spoken with recently know exactly what they have to do but aren’t nearly as certain about how to do it.

At a high level, here’s what I’m hearing around CISO goals and the associated challenges ahead this year:

  1. Improve risk management. This translates into threat/vulnerability measurement, threat prevention, and ongoing communication with the business mucky mucks. The problem here is that their networks are constantly changing, scans are done on a scheduled rather than real-time basis, and the threat landscape is dangerous, sophisticated, and mysterious.

New Year’s Forecast for the Information Security Industry: Part 1

Posted: January 02, 2014   /   By: Jon Oltsik   /   Tags: IBM, Apple, Network Security, Cybersecurity, Check Point, Fortinet, Cisco, Information and Risk Management, FireEye, HP, Dell, McAfee, Security and Privacy, Security, Juniper Networks, Lockheed Martin, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, ARM, CSC, Intel, NIST

I hope my cybersecurity colleagues enjoyed their holiday these past few weeks. It was surely well deserved as the year 2013 will be remembered as a whirlwind of activity featuring successful IPOs and scary security incidents. Given this, it’s likely that security professionals spent the last few weeks with one eye on family and holidays and another on emerging details about the massive breach at Target.

So what’s in store for the information security industry in 2014? On the surface, it should be a happy new year across the board for security technology vendors, MSSPs, and professional service firms. That said, there is a lot of work ahead as enterprise organizations figure out how to transform an army of point tools and manual processes into a cohesive security strategy.


Enterprise Organizations Identify Incident Detection Weaknesses

Posted: December 18, 2013   /   By: Jon Oltsik   /   Tags: IBM, Cisco, Information and Risk Management, Security and Privacy, Security, Booz Allen Hamilton, ForeScout, Guidance Software, Leidos, Blue Coat, Fidelis, LexisNexis, Bit9, CSC, Anti-malware

In the past, many large organizations spent about 70% of their security budgets on prevention and the remaining 30% on incident detection and response. Prevention is still important but given the insidious threat landscape, enterprises must assume that they will be breached. This means that they need the right processes, skills, and security analytics to detect and respond to security incidents effectively, efficiently, and in a timely manner.


The Security Industry Remains Strong with Computer Science but Weak on IT

Posted: November 18, 2013   /   By: Jon Oltsik   /   Tags: IBM, Cybersecurity, Cisco, Information and Risk Management, FireEye, HP, Dell, Oracle, Security and Privacy, Security, Enterprise, SIEM, E&Y, Leidos, Accenture, CISO, saic, IPO, Security Management, CSC, Unisys

Last week, I was in Silicon Valley meeting with a parade of CISOs and security vendors. Business travel is no “day at the beach,” but these trips really help me keep up with the latest enterprise security challenges and potential technology solutions.

It was also nice to spend time in the Valley and recharge my batteries when it comes to the security industry. There was a lot of excitement out there as a result of business growth, VC investment, and the wildly successful FireEye IPO.


The Security Skills Shortage Is Worse Than You Think

Posted: August 30, 2012   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Check Point, Palo Alto Networks, Private Cloud Infrastructure, Information and Risk Management, Sourcefire, HP, Dell, McAfee, Security and Privacy, BYOD, Raytheon, Lockheed Martin, trend micro, Symantec, saic, CSC, BT, Verizon, Unisys, Server Virtualization, security skills, Public Cloud Service

I’ve written a lot about the security skills shortage but it is worth reviewing a bit of data here for context. According to ESG Research, 55% of enterprise organizations (i.e., those with more than 1,000 employees) plan to hire additional security professionals in 2012 but they are extremely hard to find. In fact, 83% of enterprises claim that it is “extremely difficult” or “somewhat difficult” to recruit and/or hire security professionals in the current market.

Given this data, it is fair to assume that many IT security organizations are short staffed and pushing the security team to its limits. As if this weren’t bad enough, ESG data also points to three trends that exacerbate the security skills shortage, further impacting the effectiveness of the precious few security personnel in place:

  1. Critical skills deficits. Along with the shortage of staff, many organizations report that their security staff lacks skills in critical areas such as network security, cloud computing/server virtualization security, mobile device security, and security analysis/forensics.
  2. Security staff time management. Large organizations indicate that one of their biggest problems is that their security professionals spend an inordinate amount of their time putting out fires. This limits the time for other more proactive security activities.
  3. Security tools complexity and lack of automation. Security vendors built tools rich in feature/functionality and designed for customization. Unfortunately, many large organizations don’t have the time or staff necessary to fine-tune them or develop expertise in their use.