Most Recent Blogs

Talking SOAPA with Vectra Networks (Video, Part 1)

Posted: August 31, 2017   /   By: Jon Oltsik   /   Tags: Cybersecurity, SIEM, network security analytics, SOAPA, EDR, Vectra Networks

Old friend and VP of marketing at Vectra Networks, Mike Banic, stopped by to discuss ESG’s security operations and analytics platform architecture (SOAPA) and its impact on cybersecurity. In part 1 of our discussion, Mike and I chat about:

  • Why network telemetry is so important for security analytics. Mike reminds me that ‘the network doesn’t lie.’ In other words, cyber-attack kill chains are synonymous with network communications so threat detection equates with knowing what to look for within network traffic patterns.

Cybersecurity Skills Shortage: Profound Impact on Security Analytics and Operations

Posted: July 24, 2017   /   By: Jon Oltsik   /   Tags: Cybersecurity, cybersecurity skills shortage, SIEM, CISO, network security analytics, network security operations

I’ve written a lot about the cybersecurity skills shortage over the past 5 years. For example, ESG research indicates that 45% of organizations claim to have a problematic shortage of cybersecurity skills.


Cybersecurity Operations: More Difficult Than It Was 2 Years Ago

Posted: July 17, 2017   /   By: Jon Oltsik   /   Tags: Cybersecurity, big data security analytics, SIEM, CISO, security operations, network security analytics, SOC

ESG just published a new research report titled, Cybersecurity Analytics and Operations in Transition, based upon a survey of 412 cybersecurity and IT professionals working at large midmarket (i.e., 500 to 999 employees) and enterprise (i.e., more than 1,000 employees) organizations in North America and Western Europe.

The data is quite interesting, to say the least, so look for lots of blogs from me over the next few weeks on a myriad of security operations topics we covered in this project. Furthermore, my esteemed colleague Doug Cahill and I are hosting a webinar this Wednesday, July 19. Feel free to attend; more details can be found here.

When I do end-user research on cybersecurity topics, I usually ask respondents a basic question: How are things today compared to 2 years ago? This research project was no exception and, as it turns out, 27% of survey respondents say that cybersecurity analytics and operations is much more difficult than 2 years ago while another 45% say that cybersecurity analytics and operations is somewhat more difficult today than 2 years ago.


Enterprises are investing in network security analytics

Posted: June 03, 2016   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, security analytics, network security analytics

If I’ve heard it once, I’ve heard it a thousand times: traditional security controls are no longer effective at blocking cyber-threats, so enterprise organizations are deploying new types of security defenses and investing in new tools to improve incident detection and response.

Unfortunately, this can be more difficult than it seems. Why? Effective incident detection and response depends upon security analytics technology, and this is where the confusion lies. It turns out that there are lots of security analytics tools out there that approach this problem from different angles. Given this reality, where the heck do you start?

