Most Recent Blogs

Anticipating Black Hat

Posted: August 01, 2014   /   By: Jon Oltsik   /   Tags: IBM, Check Point, Palo Alto Networks, Fortinet, Cisco, Data Management & Analytics, Information and Risk Management, Juniper, HP, McAfee, Enterprise Software, Security and Privacy, Crowdstrike, Lockheed Martin, Black Hat, trend micro, RiskIQ, 21CT, Leidos, Norse, CybOX, BitSight, Symantec, RSA, TAXII, ISC8, Blue Coat, STIX, Webroot

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next week for cocktails, sushi bars, and oh yeah – Black Hat.

Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on:

  • Advanced malware tactics. Some of my favorite cybersecurity researchers will be in town to describe what they are seeing “in the wild.” These discussions are extremely informative and scary at the same time. This is where industry analysts like me learn about the latest evasion techniques, man-in-the-browser attacks, and whether mobile malware will really impact enterprise organizations.
  • The anatomy of various security breaches. Breaches at organizations like the New York Times, Nordstrom, Target, and the Wall Street Journal receive lots of media attention, but the actual details of attacks like these are far too technical for business publications or media outlets like CNN and Fox News. These “kill chain” details are exactly what we industry insiders crave as they provide play-by-play commentary about the cybersecurity cat-and-mouse game we live in.
  • Threat intelligence. All of the leading infosec vendors (i.e., Blue Coat, Cisco, Check Point, HP, IBM, Juniper, McAfee, RSA, Symantec, Trend Micro, Webroot, etc.) have been offering threat intelligence for years, yet threat intelligence will be one of the major highlights at Black Hat. Why? Because not all security and/or threat intelligence is created equally. Newer players like BitSight, Crowdstrike, iSight Partners, Norse, RiskIQ, and Vorstack are slicing and dicing threat intelligence and customizing it for specific industries and use cases. Other vendors like Fortinet and Palo Alto Networks are actively sharing threat intelligence and encouraging other security insiders to join. Finally, there is a global hue and cry for intelligence sharing that includes industry standards (i.e. CybOX, STIX, TAXII, etc.) and even pending legislation. All of these things should create an interesting discourse.
  • Big data security analytics. This is an area I follow closely that is changing on a daily basis. It’s also an interesting community of vendors. Some (i.e., 21CT, ISC8, Leidos, Lockheed-Martin, Norse, Palantir, Raytheon, etc.), come from the post 9/11 “total information access” world, while others (Click Security, HP, IBM, Lancope, LogRhythm, RSA, etc.) are firmly rooted in the infosec industry. I look forward to a lively discussion about geeky topics like algorithms, machine learning, and visual analytics.
Read More

Enterprise Organizations Are Taking Steps to Improve Cybersecurity Analytics

Posted: May 27, 2014   /   By: Jon Oltsik   /   Tags: IBM, Big Data, Cisco, Information and Risk Management, FireEye, Dell, endpoint, Security and Privacy, Security, SIEM, Narus, Mandiant, Cybereason, LogRhythm, 21CT, Leidos, ISC8, Blue Coat, RSA Security, Lancope, netSkope, SDN, click security, Bit9, cybercrime, Carbon Black

Last week, online retail giant eBay announced that it was hacked between February and March of this year with stolen login credentials of an eBay employee. This gave the hackers access to the user records of 145 million users including home addresses, e-mail addresses, dates of birth, and encrypted passwords. It appears that the hackers made copies of this data so eBay is advising all users to change their passwords.

Read More

The Emerging Cybersecurity Software Architecture

Posted: May 08, 2014   /   By: Jon Oltsik   /   Tags: IBM, Microsoft, Check Point, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, McAfee, Oracle, Security and Privacy, Security, Apache, SIEM, Mitre, Kaspersky, ERP, Raytheon, Proofpoint, Lockheed, IDS, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, AV, CSC, Anti-malware

It’s been a busy week for the information cybersecurity industry. FireEye announced the acquisition of nPulse which adds network forensics to its advanced malware detection/response portfolio. IBM chimed in with a new Threat Prevention System that includes an endpoint security client, threat intelligence feeds, and integration with its network security, and analytics platforms. Finally, Symantec unveiled its Advanced Threat Protection strategy that combines existing products, future deliverables, and services.

It’s no coincidence that these three infosec security leaders are moving in this direction as the whole industry is on the same path. I’ve written about this trend a few times. I wrote a security-vendors-are-racing-toward-a-new-anti-malware-technology-model/index.html" target="_blank">blog about the integrated anti-malware technology model in March, and this the-new-cybersecurity-technology-reality-the-whole-is-greater-than-the-sum-of-its-parts/index.html">one in April about the new cybersecurity technology reality. Other vendors such as Blue Coat, Cisco, McAfee, Palo Alto Networks, and Trend Micro are also on board.

Read More

Advanced Malware Detection and Response and Other Cybersecurity Services on the Rise

Posted: April 22, 2014   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Cybersecurity, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Dell, Security and Privacy, Security, Mandiant, Lockheed, DHS, Barracuda, Booz Allen Hamilton, bromium, Leidos, nsa, Cylance, cybercrime, CSC, Damballa, NIST, BT, NSF, mssp

Think about all of the cybersecurity industry activity with advanced malware detection and response and what comes to mind? Most people would probably focus on technology vendors like Bromium, Cylance, Damballa, FireEye, and Palo Alto Networks since these firms have garnered headlines, raised vast fortunes of VC funding, and even pushed through successful IPOs.

Read More

Enterprise Organizations Describe Weaknesses in Malware Detection and Protection

Posted: January 15, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Information and Risk Management, FireEye, Security and Privacy, Security, malware, Mandiant, Barracuda, Leidos, Target, cybercrime, CSC, Anti-malware, NIST, APT, Unisys, Splunk

Well here we are halfway through January and you can’t cross the street without hearing about a malware attack or security breach somewhere – Neiman Marcus, Target, Yahoo, Yikes!

When my non-technical friends ask me what they should expect moving forward, I’m not exactly a beacon of hope. My usual response is something like, “get used to it, things will likely get worse.”

Read More

Enterprise CISO Challenges In 2014

Posted: January 10, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Security and Privacy, Security, risk management, Centrify, Malwarebytes, LogRhythm, bromium, 21CT, Leidos, RSA, Invincea, Accenture, ISC8, Blue Coat, CloudPassage, click security, Bit9, CSC, Hexis, HyTrust

I’m sure lots of CISOs spent this week meeting with their teams, reviewing their 2013 performance, and solidifying plans for 2014. Good idea from my perspective. The CISOs I’ve spoken with recently know exactly what they have to do but aren’t nearly as certain about how to do it.

At a high level, here’s what I’m hearing around CISO goals and the associated challenges ahead this year:

  1. Improve risk management. This translates into threat/vulnerability measurement, threat prevention, and ongoing communication with the business mucky mucks. The problem here is that their networks are constantly changing, scans are done on a scheduled rather than real-time basis, and the threat landscape is dangerous, sophisticated, and mysterious.
Read More

New Year’s Forecast for the Information Security Industry: Part 1

Posted: January 02, 2014   /   By: Jon Oltsik   /   Tags: IBM, Apple, Network Security, Cybersecurity, Check Point, Fortinet, Cisco, Information and Risk Management, FireEye, HP, Dell, McAfee, Security and Privacy, Security, Juniper Networks, Lockheed Martin, E&Y, Leidos, Booz Allen, Accenture, Blue Coat, ARM, CSC, Intel, NIST

I hope my cybersecurity colleagues enjoyed their holiday these past few weeks. It was surely well deserved as the year 2013 will be remembered as a whirlwind of activity featuring successful IPOs and scary security incidents. Given this, it’s likely that security professionals spent the last few weeks with one eye on family and holidays and another on emerging details about the massive breach at Target.

So what’s in store for the information security industry in 2014? On the surface, it should be a happy new year across the board for security technology vendors, MSSPs, and professional service firms. That said, there is a lot of work ahead as enterprise organizations figure out how to transform an army of point tools and manual processes into a cohesive security strategy.

Read More

Enterprise Organizations Identify Incident Detection Weaknesses

Posted: December 18, 2013   /   By: Jon Oltsik   /   Tags: IBM, Cisco, Information and Risk Management, Security and Privacy, Security, Booz Allen Hamilton, ForeScout, Guidance Software, Leidos, Blue Coat, Fidelis, LexisNexis, Bit9, CSC, Anti-malware

In the past, many large organizations spent about 70% of their security budgets on prevention and the remaining 30% on incident detection and response. Prevention is still important but given the insidious threat landscape, enterprises must assume that they will be breached. This means that they need the right processes, skills, and security analytics to detect and respond to security incidents effectively, efficiently, and in a timely manner.

Read More

Strong opportunities and some challenges for big data security analytics in 2014

Posted: December 13, 2013   /   By: Jon Oltsik   /   Tags: IBM, Hadoop, Information and Risk Management, HP, McAfee, Security and Privacy, Security, big data security analytics, SIEM, Raytheon, Narus, 21CT, Leidos, Booz Allen, RSA, Cassandra, netSkope, click security, Anti-malware, Hexis

My friends on Wall Street and Sand Hill Road will likely place a number of bets on big data security analytics in 2014. Good strategy as this market category should get loads of hype and visibility while vendor sales managers build a very healthy sales pipelines by March.

Read More

The Security Industry Remains Strong with Computer Science but Weak on IT

Posted: November 18, 2013   /   By: Jon Oltsik   /   Tags: IBM, Cybersecurity, Cisco, Information and Risk Management, FireEye, HP, Dell, Oracle, Security and Privacy, Security, Enterprise, SIEM, E&Y, Leidos, Accenture, CISO, saic, IPO, Security Management, CSC, Unisys

Last week, I was in Silicon Valley meeting with a parade of CISOs and security vendors. Business travel is no “day at the beach,” but these trips really help me keep up with the latest enterprise security challenges and potential technology solutions.

It was also nice to spend time in the Valley and re-charge my batteries toward the security industry. There was a lot of excitement out there as a result of business growth, VC investment, and the wildly successful FireEye IPO.

Read More

Posts by Topic

see all