Most Recent Blogs

Enterprise Organizations Are Taking Steps to Improve Cybersecurity Analytics

Posted: May 27, 2014   /   By: Jon Oltsik   /   Tags: IBM, Big Data, Cisco, Information and Risk Management, FireEye, Dell, endpoint, Security and Privacy, Security, SIEM, Narus, Mandiant, Cybereason, LogRhythm, 21CT, Leidos, ISC8, Blue Coat, RSA Security, Lancope, netSkope, SDN, click security, Bit9, cybercrime, Carbon Black

Last week, online retail giant eBay announced that it was hacked between February and March of this year with stolen login credentials of an eBay employee. This gave the hackers access to the user records of 145 million users including home addresses, e-mail addresses, dates of birth, and encrypted passwords. It appears that the hackers made copies of this data so eBay is advising all users to change their passwords.

Advanced Malware Detection and Response and Other Cybersecurity Services on the Rise

Posted: April 22, 2014   /   By: Jon Oltsik   /   Tags: IBM, Cloud Computing, Cybersecurity, Palo Alto Networks, Cisco, Information and Risk Management, FireEye, HP, Dell, Security and Privacy, Security, Mandiant, Lockheed, DHS, Barracuda, Booz Allen Hamilton, bromium, Leidos, nsa, Cylance, cybercrime, CSC, Damballa, NIST, BT, NSF, mssp

Think about all of the cybersecurity industry activity with advanced malware detection and response and what comes to mind? Most people would probably focus on technology vendors like Bromium, Cylance, Damballa, FireEye, and Palo Alto Networks since these firms have garnered headlines, raised vast fortunes of VC funding, and even pushed through successful IPOs.

Good News and Bad News on Cybersecurity Priorities and Spending in 2014

Posted: February 10, 2014   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, Security, Mandiant, rsa conference, nsa, Edward Snowden, cyber attack

With the Winter Olympics in full-swing, the cybersecurity community anxiously awaits another global event, the 2014 RSA Conference. Like Sochi, the RSA Conference comes with its own controversy, but I still anticipate that most of the global information security glitterati will be in San Francisco two weeks hence.

How Antivirus Continues to Compete

Posted: January 30, 2014   /   By: Kyle Prigmore   /   Tags: Information and Risk Management, Security and Privacy, Security, malware, Mandiant, bromium, antivirus, Cylance, Bit9, AV, Guidance, antivirus software

Despite well over a decade of sales success, antivirus technology has never been beloved in the security marketplace. Security professionals do not have immense faith in antivirus (AV) products to stop modern malware, and average users have never enjoyed the notifications, scans, and updates that go along with protecting a computer from roughly 6,000 new malware variants per day.

Enterprise Organizations Describe Weaknesses in Malware Detection and Protection

Posted: January 15, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Information and Risk Management, FireEye, Security and Privacy, Security, malware, Mandiant, Barracuda, Leidos, Target, cybercrime, CSC, Anti-malware, NIST, APT, Unisys, Splunk

Well here we are halfway through January and you can’t cross the street without hearing about a malware attack or security breach somewhere – Neiman Marcus, Target, Yahoo, Yikes!

When my non-technical friends ask me what they should expect moving forward, I’m not exactly a beacon of hope. My usual response is something like, “get used to it, things will likely get worse.”

Endpoint Security Market Transformation In 2014

Posted: January 13, 2014   /   By: Jon Oltsik   /   Tags: IBM, Microsoft, Palo Alto Networks, Cisco, Information and Risk Management, Sourcefire, FireEye, McAfee, Security and Privacy, Security, Malwarebytes, Triumfant, Mandiant, Avast, trend micro, RSA, antivirus, Cylance, Bit9, Anti-malware, APT, Trusteer

It is widely agreed that the security software market is over $20 billion worldwide and that endpoint security software (aka antivirus) makes up the lion’s share of this revenue. After all, AV is an endpoint staple product bundled on new PCs, required as part of regulatory compliance, and even available for free from reputable providers such as Avast, AVG, and Microsoft.

Yup, AV software is certainly pervasive but traditional endpoint security vendors will face a number of unprecedented challenges to their comfy hegemony in 2014 for several reasons:

  1. Security professionals are increasingly questioning AV effectiveness. According to ESG research, 62% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that traditional endpoint security software is not effective for detecting zero-day and/or polymorphic malware commonly used as part of targeted attacks today. To quote Lee Atwater, ‘perception is reality’ when it comes to AV.
  2. Many organizations are already moving beyond AV. ESG research also indicates that over half (51%) of large organizations are planning to add new layers of endpoint security software in order to detect/prevent advanced malware threats. This means that enterprise companies aren’t waiting for AV vendors to catch up but rather spending on new endpoint defenses – likely with new vendors.
  3. The industry is turning up the heat. The AV market has been a cozy oligopoly dominated by a handful of vendors. This market is coming unglued as a combination of new threats and user perceptions is opening the door to an assortment of upstarts. The list includes smaller firms like Bit9, Cylance, Malwarebytes, and Triumfant as well as 800-pound gorillas like Cisco (with Sourcefire FireAMP), IBM (with Trusteer), and RSA Security (with ECAT). Oh, and let’s not forget red hot FireEye’s acquisition of Mandiant or Palo Alto’s purchase of Morta. These two firms are intent on leaving AV vendors in the dust as they pursue the title of “next-generation security company” (whatever that means).

The Pressing Need to Improve Endpoint Visibility for Information Security

Posted: August 13, 2013   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Sourcefire, McAfee, Security and Privacy, Security, endpoint security, big data security analytics, Bradford Networks, Mandiant, ForeScout, Guidance Software, bromium, Invincea, Great Bay Software, RSA Security

In a recent ESG research project, 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked to identify their organizations’ endpoint security monitoring weaknesses. Thirty percent said they were unsure about “applications installed on each device,” 19% had difficulty monitoring “downloads/execution of suspicious code,” 12% struggled when tracking “suspicious/malicious network activity,” and 11% had a hard time tracking “current patch levels.”

Why is it so difficult to monitor endpoint activities? An old saying comes to mind: “Water, water, everywhere but not a drop to drink.” There are records about endpoints all over the place – asset databases, CMDBs, network monitoring tools, vulnerability scanners, patch management tools, etc. – but when security analysts need up-to-the-minute information for critical remediation activities, they have to scramble around through a myriad of management systems to retrieve it.

RSA Security Conference 2013: The Most Important RSA Ever?

Posted: February 22, 2013   /   By: Jon Oltsik   /   Tags: Apple, Information and Risk Management, Security and Privacy, Security, Mandiant, rsa conference, cybercrime, Facebook, Barack Obama, DoD

It wasn’t long ago that the annual RSA Security Conference was an oasis from mainstream IT. While CIOs were focused on business process automation, the RSA crowd was celebrating technologies like DLP, web security, and key management. Yup, security was an under-funded IT stepchild and the RSA Conference was still centered on bits and bytes.

That was then, this is now, and cybersecurity is everywhere – newspapers, magazines, television news, etc. Off the top of my head, here are some of the big cybersecurity news stories from the first two months of 2013:

The Advanced Malware Detection/Prevention Market

Posted: July 10, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Endpoint & Application Virtualization, IT Infrastructure, Networking, Information and Risk Management, FireEye, Security and Privacy, malware, Mandiant, trend micro, Invincea, cybercrime, Damballa, APT, advanced persistent threat, SSL, Countertack

I've been thinking a lot about the Advanced Malware Detection/Prevention (AMD/P) market lately. This market is most often associated with Advanced Persistent Threats (APTs) and vendors like Countertack, Damballa, FireEye, Invincea, and Trend Micro.
