WannaCry Makes Me Want to Cry!

As I read about the WannaCry ransomware attack, my brain is racing with thoughts about the causes and effects of this global incident. Here’s my two cents:

Topics: Cybersecurity endpoint security cybercrime AV ransomware wannacry

Scratching the Surface on What to Expect at RSA 2017 (Video)

With what is expected to be the largest RSA Conference to date just around the corner, my colleague Jon Oltsik and I share some thoughts on what we are expecting at this year’s seminal cybersecurity event in this video. We discuss the broad-based nature of ransomware, with commentary on how “rearview mirror ransomware protection” will address certain tiers of ransomware while new blended ransomware attacks, as well as those that target back-end infrastructure, will require additional controls and techniques. One such technique being applied in many cybersecurity products is machine learning, whose role we frame in the context of a layered defense. We also consider how the rapid evolution of the cloud security product category, driven by the broad adoption of cloud services, could be an area of functional convergence and note the need for a security operations and analytic platform architecture (SOAPA) for hybrid cloud environments. On the topic of cloud, we also note the compelling benefits of cloud-delivered security solutions (security-as-a-service) for operational efficiency at cloud scale.

Topics: Cybersecurity rsa conference ransomware SOAPA security operations and analytic platform

Threats and Industry Dynamics on the 2017 Cybersecurity Radar Screen (Video)



It was another notable year in cybersecurity, including the politically motivated DNC hack and WikiLeaks postings, ransomware rising to epidemic levels as this form of cybercrime grew to a $1B+ business, and the to-be-determined motivation behind the IoT botnet DDoS attack on Dyn’s DNS service. It was also a year that saw major industry moves with Symantec and BlueCoat merging and private equity taking an increasingly larger role with McAfee and RSA going private and the largest security reseller, Optiv, changing PE owners. 

With 2016 in the rear view mirror, it’s time to look ahead to 2017. The unpredictable twists and turns of the recent election in the States make me disinclined to make predictions, so let’s call these items on the radar screen. My colleague Jon Oltsik and I share what we have on our radar screen for the coming year across the spectrum of threats, governmental regulations, industry dynamics, and more in this two-part video series. All the best in 2017!

Topics: Cybersecurity US government ransomware cyber-attacks 2017 predictions

Squirrel! What to chase at Black Hat 2016

Being a cybersecurity industry analyst can be a bit like a dog on a walk. Squirrel! And off you go. Which is to say creating a plan for Black Hat next week, be it which sessions to attend, what tech to look for, what trends to double-click on (never mind what parties to hit), can be challenging. In an attempt to keep some of the squirrels out of my peripheral vision, here are a few of the ones I’ll be chasing next week at Black Hat 2016.

Topics: Cybersecurity CASB ransomware black hat 2016

Anticipating Black Hat

I was at Cisco Live a few weeks ago in the 100+ degree heat of Las Vegas and like other cybersecurity professionals, I am off to Sin City again next week for Black Hat.

Topics: Cybersecurity IoT endpoint security Black Hat cloud security ransomware

RSA Conference, Day Three

Some quick RSA thoughts before I jump into the next jam-packed day of sessions:

Topics: Networking ransomware