Ransomware Research Highlights (Video)

Ransomware incidents reached epidemic levels in 2016 with high profile attacks on health care organizations highlighting the operational impacts of cyber extortion by impeding the ability of some targeted organizations to deliver patient care. Cybercriminals continued to employ tried and true attack vectors and methods, principally phishing, to execute a transactional ransomware business model across multiple industries. 

Topics: Cybersecurity ransomware

Key Cybersecurity Findings from ESG’s 2018 IT Spending Intentions Research (Video)

ESG recently completed our annual IT spending intentions research in which the study gauged not only spending plans, but top of mind IT and cybersecurity considerations for economic buyers. With strengthening cybersecurity tools and process being the most important IT meta-trend, and cybersecurity the largest area of projected incremental spend, this video blog explores the dynamics that are driving cybersecurity priorities, including: 

Topics: Cybersecurity cybersecurity skills shortage IT Spending Intentions ransomware SOAPA GDPR

WannaCry Makes Me Want to Cry!

As I read about the WannaCry ransomware attack, my brain is racing with thoughts about the causes and effects of this global incident. Here’s my two cents:

Topics: Cybersecurity endpoint security ransomware

Scratching the Surface on What to Expect at RSA 2017 (Video)

With what is expected to be the largest RSA Conference to date just around the corner, my colleague Jon Oltsik and I share some thoughts on what we are expecting at this year’s seminal cybersecurity event in this video. We discuss the broad-based nature of ransomware, with commentary on how “rearview mirror ransomware protection” will address certain tiers of ransomware while new blended ransomware attacks, as well as those that target back-end infrastructure, will require additional controls and techniques. One such technique being applied in many cybersecurity products is machine learning, for which we frame its role in the context of a layered defense. We also consider how the rapid evolution of the cloud security product category, driven by the broad adoption of cloud service, could be an area of functional convergence and note the need for a security operations and analytic platform architecture (SOAPA) for hybrid cloud environments. On the topic of cloud, we also note the compelling benefits of cloud-delivered security solutions (security-as-a-service) for operational efficiency at cloud scale.

Topics: Cybersecurity RSA Conference ransomware SOAPA security operations and analytic platform

Threats and Industry Dynamics on the 2017 Cybersecurity Radar Screen (Video)

It was another notable year in cybersecurity, including the politically motivated DNC hack and WikiLeaks postings, ransomware rising to epidemic levels as this form of cybercrime grew to a $1B+ business, and the to-be-determined motivation behind the IoT botnet DDoS attack on Dyn’s DNS service. It was also a year that saw major industry moves with Symantec and BlueCoat merging and private equity taking an increasingly larger role with McAfee and RSA going private and the largest security reseller, Optiv, changing PE owners. 

With 2016 in the rear view mirror, it’s time to look ahead to 2017. The unpredictable twists and turns of the recent election in the States makes me disinclined to make predictions, so let’s call these items on the radar screen. My colleague Jon Oltsik and I share what we have on our radar screen for the coming year across the spectrum of threats, governmental regulations, industry dynamics, and more in this two-part video series. All the best in 2017!

Topics: Cybersecurity ransomware

Squirrel! What to chase at Black Hat 2016

Being a cybersecurity industry analyst can be a bit like a dog on a walk. Squirrel! And off you go. Which is to say creating a plan for Black Hat next week, be it which sessions to attend, what tech to look for, what trends to double-click on (never mind what parties to hit), can be challenging. With an attempt to keep some of the squirrels out of my peripheral vision, here a few of the ones I’ll be chasing next week at Black Hat 2016.

Topics: Cybersecurity Black Hat ransomware

Anticipating Black Hat

I was at Cisco Live a few weeks ago in the 100+ degree heat of Las Vegas and like other cybersecurity professionals, I am off to Sin City again next week for Black Hat.

Topics: Cybersecurity IoT endpoint security Black Hat cloud security ransomware

RSA Conference, Day Three

Some quick RSA thoughts before I jump into the next jam-packed day of sessions:

Topics: Networking ransomware