Most Recent Blogs

What is an Enterprise-class Cybersecurity Vendor?

Posted: August 17, 2017   /   By: Jon Oltsik   /   Tags: Information Security, IBM, Cybersecurity, Cisco, McAfee, Symantec, CISO, NIST, ISSA

Question-mark.jpgOn Monday of this week, I posted a blog about enterprise-class cybersecurity vendors. Which vendors are considered enterprise-class? According to recent ESG research, Cisco, IBM, Symantec, and McAfee top the list. 

This blog addressed the “who” question but not the “what.” In other words, just what is an enterprise-class cybersecurity vendor anyway? As part of its research survey, ESG asked 176 cybersecurity and IT professionals to identify the most important characteristics of an enterprise-class cybersecurity vendor. The data reveals that:

  • 35% of survey respondents say the most important attribute for an enterprise-class cybersecurity vendor is cybersecurity expertise specific to their organization’s industry. In other words, enterprise-class cybersecurity vendors need more than horizontal security solutions, they need to understand explicit industry business processes, regulations, organizational dynamics, global footprints, etc.
Read More

Cybersec Pros Choose Their Top Enterprise-class Cybersecurity Vendors

Posted: August 14, 2017   /   By: Jon Oltsik   /   Tags: IBM, Cybersecurity, Cisco, McAfee, Enterprise, Symantec, CISO

checklist.jpgBased upon lots of ESG research, some enterprise cybersecurity technology trends are emerging:

  1. Large enterprises are actively consolidating the number of vendors they do business with. This puts some of the point tools vendors at risk as CISOs sign up for enterprise licensing agreements and try to maximize ROI by using more tools from a few select vendors.
  2. Enterprises are seeking to integrate point tools into a cohesive technology architecture. Like ESG’s security operations and analytics platform architecture (SOAPA) concept, large organizations are actively integrating tools to bolster technology interoperability, improve security efficacy, and streamline security operations.
  3. All organizations need help. Yes, companies are still buying new security tools, but these new products are often accompanied by professional services. Additionally, many CISOs are now looking at cybersecurity through a portfolio management lens and figuring out which areas to outsource to MSSPs and SaaS providers.
Read More

The New McAfee

Posted: April 07, 2017   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, McAfee, endpoint security, SIEM, cloud security

Security_Shield.jpgI’ve worked with McAfee for a long time – from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. 

Read More

Cybersecurity Goes Private: McAfee and RSA

Posted: September 08, 2016   /   By: Jon Oltsik   /   Tags: EMC, Cybersecurity, Dell, McAfee, RSA, Intel, Intel Security

security_lightswitch.jpgThere are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat, taking a private company public and forming a cybersecurity industry colossus in the process. 

Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company.

Read More

Intel Security Opportunities and Challenges

Posted: November 05, 2014   /   By: Jon Oltsik   /   Tags: McAfee, Intel, Intel Security

With the glitz of Las Vegas as a background, Intel Security (aka McAfee) held its annual FOCUS event last week attracting analysts, customers, and the press alike. 

Read More

The Roller Coaster Ride toward Free Antivirus

Posted: October 23, 2014   /   By: Kyle Prigmore   /   Tags: McAfee, Kaspersky, Avast, trend micro, antivirus, free antivirus

ESG data shows that 57% of enterprises have either already switched to free antivirus software or are actively exploring the option. It makes some sense: Free AV programs have posted competitive efficacy rates against paid versions, and AV is increasingly viewed as an IT operations checkbox as opposed to a pure endpoint security control. There also seems to be a decreasing need to assign budget for AV. The thinking is that those dollars could instead be spent on newer technologies such as advanced endpoint anti-malware products, endpoint forensics, or endpoint analytics. For many organizations, ditching paid antivirus for a free product could be viewed as a sensible cost-cutting move. 

Read More

Leading Enterprise Organizations Have Established a Dedicated Network Security Group

Posted: October 06, 2014   /   By: Jon Oltsik   /   Tags: IBM, Network Security, Check Point, Palo Alto Networks, Fortinet, Cisco, IT Infrastructure, Networking, Information and Risk Management, Juniper, Sourcefire, FireEye, HP, McAfee, Security and Privacy, Security

When an enterprise organization wanted to buy network security equipment a few years ago, there was a pretty clear division of labor. The security team defined the requirements and the networking team purchased and operated equipment. In other words, the lines were divided. The security team could describe what was needed but didn’t dare tell the networking team what to buy or get involved with day-to-day care and feeding related to “networking” matters.

This “us-and-them” mentality appears to be legacy behavior. According to ESG research on network security trends, 47% of enterprise organizations now claim that they have a dedicated group in charge of all aspects of network security. Additionally, network security is done cooperatively by networking and security teams at 26% of organizations today but these firms insist that they are in the process of creating a dedicated network security group to supplant their current division of labor.

Read More

Anticipating Black Hat

Posted: August 01, 2014   /   By: Jon Oltsik   /   Tags: IBM, Check Point, Palo Alto Networks, Fortinet, Cisco, Data Management & Analytics, Information and Risk Management, Juniper, HP, McAfee, Enterprise Software, Security and Privacy, Crowdstrike, Lockheed Martin, Black Hat, trend micro, RiskIQ, 21CT, Leidos, Norse, CybOX, BitSight, Symantec, RSA, TAXII, ISC8, Blue Coat, STIX, Webroot

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next week for cocktails, sushi bars, and oh yeah – Black Hat.

Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on:

  • Advanced malware tactics. Some of my favorite cybersecurity researchers will be in town to describe what they are seeing “in the wild.” These discussions are extremely informative and scary at the same time. This is where industry analysts like me learn about the latest evasion techniques, man-in-the-browser attacks, and whether mobile malware will really impact enterprise organizations.
  • The anatomy of various security breaches. Breaches at organizations like the New York Times, Nordstrom, Target, and the Wall Street Journal receive lots of media attention, but the actual details of attacks like these are far too technical for business publications or media outlets like CNN and Fox News. These “kill chain” details are exactly what we industry insiders crave as they provide play-by-play commentary about the cybersecurity cat-and-mouse game we live in.
  • Threat intelligence. All of the leading infosec vendors (i.e., Blue Coat, Cisco, Check Point, HP, IBM, Juniper, McAfee, RSA, Symantec, Trend Micro, Webroot, etc.) have been offering threat intelligence for years, yet threat intelligence will be one of the major highlights at Black Hat. Why? Because not all security and/or threat intelligence is created equally. Newer players like BitSight, Crowdstrike, iSight Partners, Norse, RiskIQ, and Vorstack are slicing and dicing threat intelligence and customizing it for specific industries and use cases. Other vendors like Fortinet and Palo Alto Networks are actively sharing threat intelligence and encouraging other security insiders to join. Finally, there is a global hue and cry for intelligence sharing that includes industry standards (i.e. CybOX, STIX, TAXII, etc.) and even pending legislation. All of these things should create an interesting discourse.
  • Big data security analytics. This is an area I follow closely that is changing on a daily basis. It’s also an interesting community of vendors. Some (i.e., 21CT, ISC8, Leidos, Lockheed-Martin, Norse, Palantir, Raytheon, etc.), come from the post 9/11 “total information access” world, while others (Click Security, HP, IBM, Lancope, LogRhythm, RSA, etc.) are firmly rooted in the infosec industry. I look forward to a lively discussion about geeky topics like algorithms, machine learning, and visual analytics.
Read More

Is Cisco Back (as an Enterprise Security Leader)?

Posted: May 22, 2014   /   By: Jon Oltsik   /   Tags: IBM, Palo Alto Networks, Cisco, Hadoop, Networking, Information and Risk Management, Juniper, Sourcefire, FireEye, HP, McAfee, Security and Privacy, Security, CiscoLive, trend micro, Symantec, Blue Coat, TrustSec, Crossbeam, Mergers / Acquisitions, Anti-malware

It wasn’t too long ago that Cisco was a dominant force in information security technology. The company was a market leader in firewalls, IDS/IPS, and e-mail security and was actively pushing products for endpoint security and SIEM as well as security “blades” for Catalyst switches. Heck, Cisco even articulated a bold vision of “self-defending networks” with security policy, enforcement, and intelligence all baked into the network.

Somewhere around 2008, however, Cisco security went into a prolonged slump. Cisco security products didn’t offer the performance of rivals like Crossbeam (now Blue Coat), Juniper, or McAfee. Cisco missed markets like next-generation firewalls, opening the door for savvy startups like FireEye, Palo Alto Networks, and Stonesoft. Cisco products such as the Cisco Security Agent (Okena) and MARS (Protego) were abject failures and discontinued by the company. Finally, Cisco’s security team itself imploded as management and engineering leaders fled San Jose for greener valley pastures.

Read More

Advanced Evasion Techniques: Dirty, Little, Secret Weapons.

Posted: May 14, 2014   /   By: Tony Palmer   /   Tags: Information and Risk Management, McAfee, Security and Privacy, malware, Firewall, ESG Lab

Many organizations are so intent on identifying new malware that they are failing to address or in some cases even recognize advanced evasion techniques (AETs) that can enable malware to circumvent their security defenses. AETs pose a great threat because most security solutions can’t detect, much less stop them. Security professionals and executive managers need to wake up to this real and growing threat.

Advanced persistent threats (APTs) have been a huge focus in network security discussions over the past few years with good reason. Numerous organizations are implementing new solutions to protect themselves from this determined type of malware. Even so, cyber criminals have been penetrating the network defenses of even the most robust security infrastructures, including some very high-profile enterprises.

Read More

Posts by Topic

see all