Most Recent Blogs

The New Cybersecurity Technology Reality - the Whole Is Greater than the Sum of its Parts

Posted: April 03, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Fortinet, Cisco, Information and Risk Management, FireEye, McAfee, Security and Privacy, Security, risk management, endpoint security, Proofpoint, incident detection, incident response, Blue Coat, RSA Security, Anti-malware, incident prevention, APT

I wrote a blog last week about new integrated anti-malware technology in response to Palo Alto Networks’ acquisition of Cyvera. In fact, this integrated technology model isn’t limited to anti-malware but is becoming the new reality across the cybersecurity lifecycle of risk management, incident prevention, incident detection, and incident response.

I’m convinced that this is where the market is headed, driven by burgeoning cybersecurity requirements across organizations large and small. Why do I believe this? Well, in a recent ESG research survey, 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked how their organization’s security strategy would change over the next 24 months. A little under half (44%) of respondents said that their organization would “design and build a more integrated enterprise security architecture,” the highest percentage of all responses. This trend is actually reverberating on the supply side as Blue Coat, Cisco/Sourcefire, FireEye, IBM, McAfee, PAN, and Trend Micro are all engaged in R&D and M&A activities to meet the need for technology integration.


Real-Time Big Data Security Analytics for Incident Detection

Posted: December 09, 2013   /   By: Jon Oltsik   /   Tags: IBM, Information and Risk Management, Security and Privacy, Security, big data security analytics, SIEM, LogRhythm, incident detection, 21CT, ISC8, CISO, NetFlow, Lancope, netSkope, click security, Hexis Cyber Solutions

I’ve spent the last year or so doing research on the burgeoning field of big data security analytics. Based upon the time I’ve spent on this topic, I’m convinced that CISOs are looking for immediate help with incident detection, so they will likely focus on real-time big data analytics investments in 2014.

What do I mean by real-time big data security analytics? Think stream processing of data packets, network flows, and metadata, looking for anomalous/suspicious network activities that provide a strong indication of a security incident in progress. A multitude of vendors including ISC8, 21CT, Click Security, Hexis Cyber Solutions, IBM, Lancope, LogRhythm, Netskope, RSA Security, SAIC, and Solera Networks (and others) play in this space.
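To make the "stream processing of flows looking for anomalies" concrete, here is a small added example (my own illustration, not code from ESG or from any of the vendors named above). It consumes NetFlow-like records one at a time, closes one fixed time window at a time so memory stays bounded, and raises two kinds of alert: a source host whose outbound bytes in a window exceed its own running baseline (Welford's online mean/variance) by k standard deviations, and a host that touches many distinct destination/port pairs in one window. The thresholds, the window size, the hosts and the flow records are all constructed for illustration.

```python
"""Streaming anomaly detection over flow records (added example, not ESG's code).

Detectors, evaluated each time a window closes:
  * egress_volume: a source host's outbound bytes in the window exceed its own
    running baseline (Welford mean/variance) by k standard deviations
  * fanout: a source host touches many distinct (dst, port) pairs in one
    window, a scan / lateral-movement signal
Window size, thresholds, hosts and flows are constructed for illustration.
"""
import math
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Flow:
    ts: int          # epoch seconds
    src: str
    dst: str
    dport: int
    bytes_out: int   # bytes sent from src to dst


class RunningStats:
    """Welford's online mean/variance, one instance per source host."""
    def __init__(self) -> None:
        self.n = 0
        self.mean = 0.0
        self.m2 = 0.0

    def update(self, x: float) -> None:
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)

    def stddev(self) -> float:
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0


class StreamDetector:
    def __init__(self, window: int = 60, warmup: int = 5, k: float = 3.0,
                 min_spread: float = 1024.0, fanout_threshold: int = 20) -> None:
        self.window = window                    # seconds per window
        self.warmup = warmup                    # windows seen before judging a host
        self.k = k                              # sigma multiplier
        self.min_spread = min_spread            # floor so a flat baseline is not hair-trigger
        self.fanout_threshold = fanout_threshold
        self.current: Optional[int] = None
        self.win_bytes: Dict[str, int] = defaultdict(int)
        self.win_targets: Dict[str, Set[Tuple[str, int]]] = defaultdict(set)
        self.baseline: Dict[str, RunningStats] = defaultdict(RunningStats)
        self.alerts: List[dict] = []

    def ingest(self, f: Flow) -> None:
        w = f.ts // self.window
        if self.current is None:
            self.current = w
        while w > self.current:                 # flow belongs to a later window: close the open one(s)
            self._close_window()
            self.current += 1
        if w == self.current:                   # late flows (w < current) are dropped in this toy
            self.win_bytes[f.src] += f.bytes_out
            self.win_targets[f.src].add((f.dst, f.dport))

    def flush(self) -> List[dict]:
        """Close the last open window and return all alerts raised so far."""
        if self.current is not None:
            self._close_window()
        return self.alerts

    def _close_window(self) -> None:
        hosts = set(self.baseline) | set(self.win_bytes)
        for src in hosts:
            b = self.win_bytes.get(src, 0)      # a known host that was silent counts as 0 bytes
            st = self.baseline[src]
            anomalous = False
            if st.n >= self.warmup:
                spread = max(st.stddev(), 0.1 * st.mean, self.min_spread)
                if b > st.mean + self.k * spread:
                    anomalous = True
                    self.alerts.append({"type": "egress_volume", "src": src,
                                        "window": self.current, "bytes": b,
                                        "baseline": round(st.mean)})
            targets = len(self.win_targets.get(src, ()))
            if targets >= self.fanout_threshold:
                self.alerts.append({"type": "fanout", "src": src,
                                    "window": self.current, "targets": targets})
            if not anomalous:                   # do not let the spike teach the baseline
                st.update(b)
        self.win_bytes.clear()
        self.win_targets.clear()


def sample_flows() -> List[Flow]:
    """Constructed records: eight quiet windows, then a burst and a port sweep."""
    flows = []
    for w, b in enumerate([1000, 1100, 950, 1050, 1000, 1020, 980, 1000]):
        flows.append(Flow(w * 60 + 10, "10.0.0.5", "198.51.100.20", 443, b))
    flows.append(Flow(8 * 60 + 5, "10.0.0.5", "198.51.100.20", 443, 50_000))
    for port in range(1, 26):
        flows.append(Flow(8 * 60 + 20, "10.0.0.9", "203.0.113.7", port, 60))
    return flows


def run_demo() -> List[dict]:
    det = StreamDetector()
    for f in sample_flows():
        det.ingest(f)
    return det.flush()


if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

Two design points worth noting: the baseline is per host and built online, so no batch job is needed before alerts can fire, and a window that trips the volume check is deliberately not fed back into that host's baseline, otherwise a sustained exfiltration would quickly become the new normal. A production system would also have to handle out-of-order flow export and hosts that legitimately change role, which this toy ignores.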


Why Blue Coat Acquired Solera Networks

Posted: June 04, 2013   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, risk management, incident detection

A few weeks ago, Blue Coat Systems acquired Solera Networks. No one was surprised about the acquisition of Solera, as it plays in the white-hot big data security analytics market. That said, many people remain perplexed by the acquiring company. Several dozen reporters, vendors, and end users have already posed a common question to me: Why Blue Coat?


First Impressions of the RSA Conference 2013

Posted: March 04, 2013   /   By: Jon Oltsik   /   Tags: IBM, Check Point, Fortinet, Cisco, Information and Risk Management, Sourcefire, FireEye, McAfee, Security and Privacy, Security, LogRhythm, incident detection, Guidance Software, trend micro, incident response, RSA Security, Anti-malware, Damballa, Splunk

After much anticipation, the 2013 RSA Conference has come and gone. I have a number of topics to blog about starting with my positive impressions of the show:


The Information Security 80/20 Rule

Posted: June 07, 2012   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, risk management, SIEM, incident detection, incident response, log management, Security Management, security analytics, APT, security operations

Over the past few months, I've been engaged in a research project on enterprise security management and operations. As part of some quantitative research, ESG created a segmentation model that divided survey respondent organizations into three sub-segments. The segmentation model broke down as follows:

