What I Learned at the Tufin Customer Conference (Tufinnovate)

Last week, I attended Tufin’s annual customer conference, Tufinnovate, here in Boston. If you don’t know Tufin, the company focuses on network security policy management for enterprise organizations.

Topics: Network Security Cybersecurity Firewall cloud security network security operations

Toward Central Network Security Policy Management for Hybrid Clouds

As organizations embraced the public cloud over the past few years, security teams were on the hook to modify network security policies and implement security controls to protect cloud-based workloads. The goal was simple: Protect cloud-based workloads with network security policies and controls that were equal to or better than existing safeguards for physical and virtual servers in corporate data centers.

Topics: Network Security Cybersecurity cloud security

What is a Cybersecurity Technology Platform Anyway?

At last week’s RSA Conference, you couldn’t walk more than 10 feet on the show floor without a security vendor pitching you on its technology “platform.” Yup, Check Point, Cisco, FireEye, Forcepoint, Fortinet, McAfee, Palo Alto Networks, Symantec, Trend Micro, Webroot, and lots of others are now busy pitching platforms and will continue to do so. 

Okay, but what is the actual definition of this term? In general, vendors use the word “platform” to describe an integrated amalgamation of point products that creates a common and interoperable architecture. It’s safe to say that all vendors agree upon this platform characteristic. Beyond this basic functionality, however, there doesn’t seem to be much consensus on security technology platform requirements.

Topics: Network Security Cybersecurity endpoint security cloud security

Trend Micro’s Case as an Enterprise Security Vendor

ESG research points to a few growing trends in the enterprise security market:

Topics: Network Security Cybersecurity endpoint security trend micro antivirus SOAPA

What’s Holding Back Enterprise Security Technology Transformation?

Last week, I wrote a blog about the rapid cycle of innovation happening with security technologies today – I’ve never experienced a time when every element of the security stack is transforming.

New security technologies are arriving at an opportune time. According to ESG research, 69% have increased their cybersecurity budgets in 2017 and my guess is that they will continue to increase investment in 2018. And when asked which BUSINESS initiatives will drive the most IT spending, 39% of organizations responded, “increasing cybersecurity protection.” This means that business executives are buying into the need for cybersecurity improvements all around. 

Topics: Network Security Cybersecurity SIEM CISO cloud security ISSA

Phased Process for Cloud Security

My colleague Doug Cahill and I have been following the development of cloud security for the past few years. What we’ve noticed is that many organizations tend to track through a pattern of actions as they embrace public cloud computing. The sequence proceeds in the following order:

  1. The pushback phase. During this period, CISOs resist cloud computing, claiming that workloads won’t be adequately protected in the public cloud. This behavior may still occur for latecomers or very conservative firms, but the cloud computing ship has definitely sailed at most large enterprises. In other words, CISOs aren’t given an out clause; rather, they must figure out how to secure cloud-based workloads whether they like it or not.

Topics: Network Security Cybersecurity cloud security micro-segmentation

VMware Advances Application Security

This week at VMworld, VMware announced market availability of a new security technology called AppDefense. AppDefense is an application-layer security control designed to profile applications, determine “normal” behavior, and then provide a series of least privilege controls for applications and options for security incident remediation.

Now in some respects, AppDefense is a lot like application white listing/black listing, which can be very effective for limiting the attack surface, but the historical problem with application controls is operational overhead. If you want to implement white listing, you have to know what workloads are running and whether they are allowed to, and then implement controls to restrict unanticipated application behavior. This can become quite cumbersome when servers run multiple applications with dynamic development cycles and changing behavior.

Topics: Network Security Cybersecurity VMware VMworld NSX application security

Are Next-generation Firewalls Legacy Technology?

A few years ago, next-generation firewalls (NGFWs) came out of nowhere to become a network security staple. These devices combined traditional L3/L4 packet filtering with deep packet inspection, IPS, and other network security services along with knowledge about users and applications. This broad functionality packaging changed the network security paradigm – everyone needed, or at least wanted, an NGFW at the perimeter or within the internal network.

Topics: Network Security Cybersecurity Firewall SDP

Cybersecurity Skills Shortage Impact on Technology Innovation

I continue to research and write about the ongoing global cybersecurity skills shortage. For example, ESG research indicates that 45% of organizations report a problematic shortage of cybersecurity skills today, more than any other area within IT.

Want more?  Here are a few tidbits from last year’s research project done in conjunction with the Information Systems Security Association (ISSA). In a survey of 437 cybersecurity professionals and ISSA members:

Topics: Network Security Cybersecurity ISSA SOAPA security operations and analytic platform

Cybersecurity Remains an Elusive Business Priority

I’ve been remiss by not blogging earlier this year about ESG’s annual IT spending intentions research. The year 2017 continues to follow a pattern—cybersecurity is a high business and IT priority for most organizations. 

Topics: Network Security Cybersecurity endpoint security CISO cloud security