SOAPA Video with Arbor Networks (Part 2)

In the second part of my SOAPA video with Arabella Hallawell from Arbor Networks, we discuss:

  1. SOAPA technology integration. Arbor Networks partners with lots of network service providers, giving the company a bird’s eye view of Internet traffic. The company uses this position to monitor, collect, and curate threat intelligence through its ASERT team. As part of its network security analytics products and services, it adds CTI to give customers an understanding of malicious activities happening inside and outside of their networks. Of course, integrating internal network telemetry and CTI is one of the principles of SOAPA. 
Topics: Cybersecurity security operations cyber threat intelligence network security analytics SOAPA Arbor Networks Arabella Hallawell

Acute Cybersecurity Skills Shortage Areas

In my last blog, I reviewed some new research from ESG and the Information Systems Security Association (ISSA), revealing that 70% of cybersecurity pros say that the global cybersecurity skills shortage has impacted their organizations. Based upon this and other similar research, I’m convinced that the cybersecurity skills shortage represents an existential risk to our data, businesses, and national security.

Topics: Cybersecurity security analytics security operations cloud security application security ISSA security investigations

New Research Confirms the Cybersecurity Skills Shortage Is an Existential Threat

I’ve been writing about the cybersecurity skills shortage for 7 years, clucking like a digital "chicken little" to anyone who would listen. If you’ve followed my blogs, you probably know that ESG research from early 2017 indicated that 45% of organizations said they have a problematic shortage of cybersecurity skills. This data represents large and small organizations across all geographic regions so the cybersecurity skills shortage can be considered a pervasive global issue.

Topics: Cybersecurity cybersecurity skills shortage ISSA

SOAPA Video with Arbor Networks (Part 1)

Next up on the SOAPA video series is Arabella Hallawell, Sr. Director of Product Marketing at Arbor Networks. I first met Arbor Networks back in 2003 when it was a leading provider of network behavior anomaly detection (NBAD) tools and the company has been a steady player in network security ever since. Today, Arbor Networks is a leading provider of products and services for DDoS protection, network security analytics, threat intelligence, etc. 

Topics: Cybersecurity SIEM network security analytics network security operations SOAPA SOC Arbor Networks

Cybersecurity, Mobility, and the Expanding Perimeter (Video)

As businesses lose control of devices and rapidly adopt cloud consumption models, identity and data have become the new perimeter for IT operations and information security teams to secure and protect. My colleague Jon Oltsik and I sit down together to highlight how mobility, identity, and security are creating technology challenges, organizational barriers, and business risks as the security perimeter expands at a faster pace than business can keep up with. The discussion sparks attention towards the IT vendors that are attempting to enhance security postures from within a silo as opposed to the new purview business are dealing with today.

Topics: Cybersecurity identity and access management Enterprise Mobility

SOAPA Video with Siemplify (Part 2)

Siemplify, like other companies I’ve interviewed, is a security operations technology company. What sets Siemplify apart, however, is the background of its founders. This team isn’t composed of serial startup technologists from Silicon Valley, but rather cybersecurity experts from Israel. In fact, Amos Stern spent a good portion of his career as a security analyst, building SOCs, and training security personnel.

Topics: Cybersecurity SIEM security operations SOAPA Siemplify security operations automation and orchestration

The Cybersecurity Skills Shortage Impacts Security Operations

According to ESG research, 45% of organizations report having a problematic shortage of cybersecurity skills in 2017. Of course, this applies to all areas of cybersecurity but recent ESG research shows that the skills shortage has a direct impact on security analytics and operations. The research reveals that:

  • 54% of organizations say they don’t have the appropriate security operations skills for an organization of their size.
  • 57% of organizations say they don’t have appropriate security operations staffing for an organization of their size.
Topics: Cybersecurity SIEM incident response security operations threat hunting computer forensics

The Drivers of Change in Endpoint Security

I guess I still think like a product manager. In my last blog, the first of a few analyzing key findings from ESG’s recent endpoint security, I shared my take on the net-net design center for contemporary endpoint security solutions, one that serves two masters – efficacy and efficiency. The state of endpoint security can be characterized as one of constant change in which organizations are implementing compensating measures to improve both the efficacy and efficiency. But what factors are driving the “efficient efficacy” market requirement?

With respect to efficacy, ESG’s endpoint security research highlights that customers have experienced, and are concerned about, a diverse range of threats:

Topics: Cybersecurity endoint security

Identity Management To-Do List Aligns with Cybersecurity

My colleague Mark Bowker just completed some comprehensive research on identity and access management (IAM) challenges, plans, and strategies at enterprise organizations. As a cybersecurity professional, I welcome this data. Identity management should be a major component of an enterprise risk management strategy, yet IAM technology decisions are often treated tactically or left to application developers or IT operations staff who don’t always prioritize security in their planning.

Topics: Cybersecurity Mark Bowker IAM identity and access management

SOAPA Video with Siemplify (Part 1)

As part of the ESG SOAPA video series, Amos Stern, CEO of Siemplify, stopped by the ESG studio last week to join the discussion. Not familiar with Siemplify? The company was founded by a team of experienced security operations experts who believe that security operations technology should be easier, provide greater integration, and align better with SOC processes. Based upon these goals, Siemplify offers a product called ThreatNexus, a security operations platform designed to help analysts manage, investigate, and automate, and centralize security operations.

Topics: Cybersecurity SIEM security operations incident response automation and orchestration SOAPA SOC Siemplify security operations center