Most Recent Blogs

It Takes a Village: The Splunk User Conference 2013

Posted: October 04, 2013   /   By: Jon Oltsik   /   Tags: IBM, Apple, Information and Risk Management, Security and Privacy, Security, big data security analytics, SIEM, security intelligence, log management, F5, Security Management, Splunk

When IBM distributed its operating system in the 1950s, it actually sent the source code to its customer base. Many IT shops then actually modified the operating system with their own customized code.


Big Data Security Is Inevitable

Posted: July 12, 2012   /   By: Jon Oltsik   /   Tags: IBM, Big Data, Data Management & Analytics, Hadoop, Information and Risk Management, HP, Dell, McAfee, Enterprise Software, Security and Privacy, risk management, NoSQL, SIEM, Data Analytics, Symantec, RSA, log management, Cassandra, security analytics, BT, Verizon, Unisys, vulnerability management, threat management, Tibco

There's been a fair amount of discussion about the fact that security analytics is becoming a big data problem. I participated on a big data security panel at RSA and I believe there were a few others on this topic as well.


The Information Security 80/20 Rule

Posted: June 07, 2012   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, risk management, SIEM, incident detection, incident response, log management, Security Management, security analytics, APT, security operations

Over the past few months, I've been engaged in a research project on enterprise security management and operations. As part of some quantitative research, ESG created a segmentation model that divided survey respondent organizations into three sub-segments. The segmentation model broke down as follows:


Tibco and LogLogic: An Interesting and Revealing Acquisition

Posted: May 16, 2012   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Information and Risk Management, HP, McAfee, Enterprise Software, Security and Privacy, SIEM, ArcSight, RSA Security, log management, Big Data Analytics, Tibco, LogLogic, Q1 Labs

Over the past few years, a number of independent Security Information and Event Management (SIEM) vendors were acquired by bigger players. In late 2010, HP scooped up market leader ArcSight for $1.5 billion. Last year, McAfee purchased Nitro Security while IBM acquired Q1 Labs.


We Need Security Standards like Mitre's Common Event Expression (CEE)

Posted: April 18, 2012   /   By: Jon Oltsik   /   Tags: Microsoft, Cisco, Information and Risk Management, HP, McAfee, Security and Privacy, SIEM, Mitre, ArcSight, log management, NIST, Verizon, Linux

Over the past few years, I've been involved with a number of ESG Research projects all pointing to a few common problems. Even in the most sophisticated shops, security teams struggle to collect the avalanche of security data generated from different log files and tools, analyze this data in a proactive manner, or find the proverbial needle in the haystack indicating anomalous behavior.


The Intersection of Security Intelligence and Big Data Analytics

Posted: February 13, 2012   /   By: Jon Oltsik   /   Tags: IBM, Data Management & Analytics, Hadoop, Information and Risk Management, HP, McAfee, Security and Privacy, SIEM, LogRhythm, ArcSight, security intelligence, NetFlow, log management, Splunk, Big Data Analytics, Q1 Labs, RedLambda

It's official: the security industry has jumped on the "big data" bandwagon with both feet. How do I know? Well, I'm participating in a panel discussion on this topic at RSA, and I believe there are 2 other sessions on the topic. I guess anyone headed to San Francisco later this month should be prepared to get a big dose of big data.


2012 Should Be The Year Of Security Incident Response

Posted: January 03, 2012   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, SIEM, incident response, log management, APT, advanced persistent threat

According to ESG Research, 20% of large organizations are certain that they've been the target of an APT attack while another 39% say that it is likely they have been targeted. Can organizations detect and react to sophisticated attacks like APTs?
