The New McAfee

I’ve worked with McAfee for a long time – from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. 

Topics: Network Security Cybersecurity McAfee endpoint security SIEM cloud security

Micro-segmentation Projects Span Enterprise Organizations

Micro-segmentation is nothing new. We started talking about the concept a few years ago, with the onset of software-defined networking technologies like OpenFlow. More recently, micro-segmentation was most often associated with establishing trusted connections between cloud-based workloads.

Topics: Network Security Cybersecurity Networking

RIP Raimund Genes, Trend Micro CTO

I learned this past Saturday that my good friend and Trend Micro CTO, Raimund Genes, passed away suddenly last week. Raimund was only 54.

Topics: Network Security Cybersecurity endpoint security

RSA 2017: Anticipating Network Security Chatter

Earlier this week, I posted a blog about my expectations for endpoint security at the upcoming RSA Conference.  Similarly, here’s what I anticipate hearing about network security:

Topics: Network Security Cybersecurity RSA Conference

RSA Conference Topic: Endpoint Security

As the calendar shifts from January to February, cybersecurity professionals are gearing up for the RSA Security Conference in a few short weeks. Remarkably, the management team is expecting more than 50,000 attendees this year! 

So, what can we expect from RSA 2017? Well, cybersecurity is being driven by dangerous threats, digital transformation, and the need for massive scalability. This means innovation and change in just about every aspect of cybersecurity technology so I plan on writing a few blogs about my expectations for the RSA Conference. I’ll start with this one about endpoint security.

To be clear, endpoint security should no longer be defined as antivirus software. No disrespect to tried-and-true AV, but endpoint security now spans a continuum that includes advanced prevention technologies, endpoint security controls, and advanced detection/response tools. My colleague Doug Cahill and I are currently tracking more than 50 endpoint security vendors, demonstrating just how much activity there is today.

Topics: Network Security Cybersecurity endpoint security

Endpoint Security in 2017


Just a few years ago, there were about 6 to 10 well regarded AV vendors that dominated the market. Fast forward to 2017 and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. 

Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches, and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Rd. to throw VC dollars at anything that hinted at endpoint security innovation.

Okay, I get the need for more than signature-based AV but there simply isn’t room in the market for 50 endpoint security vendors. Thus, it’s safe to assume a lot of M&A activity and outright business failures this year. 

Topics: Network Security Cybersecurity endpoint security antivirus

Looking Back to Look Forward on Cybersecurity

By now, everyone in our industry has provided 2017 cybersecurity predictions and I’m no exception. I participated in a 2017 infosec forecast webcast with industry guru Bruce Schneier, and ESG also published a video where I exchanged cybersecurity prophecies with my colleague Doug Cahill.

Topics: Network Security Cybersecurity endpoint security cloud security ISSA

Goodbye SIEM, Hello SOAPA

Security information and event management (SIEM) systems have been around for a dozen years or so. During that timeframe, SIEMs evolved from perimeter security event correlation tools, to GRC platforms, to security analytics systems. Early vendors like eSecurity, GuardedNet, Intellitactics, and NetForensics, are distant memories; today’s SIEM market is now dominated by a few leaders: LogRhythm, McAfee (aka: Nitro Security), HP (aka: ArcSight), IBM (aka: QRadar), and Splunk.

Of course, there is a community of innovative upstarts that believe that SIEM is a legacy technology. They proclaim that log management and event correlation can’t keep up with the pace of cybersecurity today, thus you need new technologies like artificial intelligence, machine learning algorithms, and neural networks to consume, process, and analyze security data in real-time. 

Topics: Network Security Cybersecurity endpoint security SIEM antivirus security analytics

Goodbye NAC, Hello Software-defined Perimeter (SDP)

Those of use who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (a.k.a. Cisco NAC), Microsoft’s network access protection (NAP), and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).

Topics: Network Security Cybersecurity NAC

Trend Micro’s Enterprise Play

I spent a few days with Trend Micro last week at its Insight event here in Boston. While Trend is a $1 billion + global cybersecurity vendor, too many cybersecurity professionals still think of Trend as an Asian-based AV player. This perception is completely antiquated however, as Trend now offers:

  • A tightly-integrated next-generation endpoint security suite. There’s a lot of industry rhetoric out there proclaiming Trend as a legacy AV vendor. Don’t believe it! Yes, Trend Micro’s endpoint security product has been around forever but the company has continuously enhanced its technology to keep up with the latest requirements. Most recently, Trend added machine learning for pre- and post-execution prevention/detection of 0-day malware which puts it on par with the next-generation endpoint security crowd. Oh, and Trend also offers its own EDR functionality as well. Armed with its new product, Trend’s layered endpoint defense should meet the security efficacy and operational efficiency requirements of even the most demanding enterprises.
Topics: Network Security Cybersecurity endpoint security cloud security