Most Recent Blogs

Why Is IR Automation and Orchestration So Hot?

Posted: March 16, 2017   /   By: Jon Oltsik   /   Tags: Cybersecurity, SIEM, rsa conference, security operations, SOAPA, IRP

click.jpgI couldn’t attend the RSA Conference this year but many cybersecurity professionals and my ESG colleagues told me that incident response automation and orchestration was one of the hottest topics in the halls of the Moscone Center, through the bar at the W hotel, and even at the teahouse on the garden at Yerba Buena.   

Read More

That's a Wrap! RSA Conference 2017 Thoughts and Observations, Continued (Video)

Posted: March 10, 2017   /   By: Doug Cahill   /   Tags: Cybersecurity, rsa conference, Data Center Consolidation, cloud security

Jon and Doug.jpgIn this second of a two-part video blog series, my colleague Jon Oltsik and I discuss some of the themes and takeaways from RSA Conference 2017.

Closing the cloud security readiness gap with platforms: Many vendors at RSA were offering cloud security solutions to help organization close the gap between the use of the cloud services within their company and their readiness to secure that use. These solutions spanned the gamut of “from,” “in,” and “to” cloud security with respect to security from the cloud (i.e., security-as-a-service\SECaaS), infrastructure security (workloads, APIs), and cloud app security (i.e., CASB), respectively. Compounding the readiness gap is good old heterogeneity -- most orgs use many cloud apps and multiple IaaS providers. In fact, ESG research reveals that 75% of organizations consuming IaaS services today do so from more than one CSP. These adoption dynamics create the need for cross app and cross cloud coverage which is why major players such as Cisco, Trend Micro, and Symantec are highly focused on the breadth of their cloud security portfolios while cloud security specialists such as CloudPassage, Netskope, Illumio, vArmour, Threat Stack, and others are also helping companies close the gap with offerings that continue to offer both breadth across cloud services and depth of functionality.  

Read More

That's a Wrap! RSA Conference 2017 Thoughts and Observations, Part 1 (Video)

Posted: March 03, 2017   /   By: Doug Cahill   /   Tags: Cybersecurity, endpoint security, rsa conference, security analytics, SOAPA, security operations and analytic platform

Jon and Doug.jpgRSA Conference 2017 is now a wrap and blogs such as these that attempt to summarize such a content rich event are challenged to do so in any sort of brevity, but, alas, I will try. Colleague Jon Oltsik, who fought being placed on the injured reserve list the week before RSA and missed the event for the first time in over a dozen years, and I offer a review of just some of the news from the show in this first of two video blogs. Here are some of the threads we pull on. 

Read More

RSA 2017: Anticipating Network Security Chatter

Posted: February 02, 2017   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, rsa conference

network.jpgEarlier this week, I posted a blog about my expectations for endpoint security at the upcoming RSA Conference.  Similarly, here’s what I anticipate hearing about network security:

Read More

Scratching the Surface on What to Expect at RSA 2017 (Video)

Posted: January 30, 2017   /   By: Doug Cahill   /   Tags: Cybersecurity, rsa conference, ransomware, SOAPA, security operations and analytic platform

Jon & Doug Still.jpgWith what is expected to be the largest RSA Conference to date just around the corner, my colleague Jon Oltsik and I share some thoughts on what we are expecting at this year’s seminal cybersecurity event in this video. We discuss the broad-based nature of ransomware, with commentary on how “rearview mirror ransomware protection” will address certain tiers of ransomware while new blended ransomware attacks, as well as those that target back-end infrastructure, will require additional controls and techniques. One such technique being applied in many cybersecurity products is machine learning, for which we frame its role in the context of a layered defense. We also consider how the rapid evolution of the cloud security product category, driven by the broad adoption of cloud service, could be an area of functional convergence and note the need for a security operations and analytic platform architecture (SOAPA) for hybrid cloud environments. On the topic of cloud, we also note the compelling benefits of cloud-delivered security solutions (security-as-a-service) for operational efficiency at cloud scale.

Read More

ESG On Location: Impressions from RSA 2016

Posted: March 14, 2016   /   By: Doug Cahill   /   Tags: Cybersecurity, rsa conference

As our final act of RSA Conference 2016 coverage, I wanted to share the video that my colleague Jon Oltsik and I recorded to wrap up our thoughts from San Francisco:

Read More

Before Moving on From RSA…

Posted: March 10, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, rsa conference

It’s been a week since my last meetings at RSA and I’m already thinking about travel plans and agendas for Infosec Europe and Black Hat. Before closing the book on RSA 2016, however, I have a few final thoughts about the industry and cybersecurity professional community.

Read More

RSA Conference Blue Suede Shoes

Posted: March 09, 2016   /   By: Doug Cahill   /   Tags: Cybersecurity, rsa conference

2-19-16_CS_RSA_Microsite_Sidebar_CTA.pngMy feet have almost recovered from the many miles walked at RSA last week, bouncing between meetings and sessions. Given my penchant for referencing songs and musicians in my blogs, “Feets Don’t Fail Me Now” and “Many a Mile to Freedom” come to mind.

RSA is a long week that also seems to go by quickly, a paradox of busy-ness. With the meta-changes in the scope of what to secure expanding exponentially (immutable infrastructure, knowledge worker mobility, and the world of connecting things), the moving target of attacker methods, and a myriad of protection solutions, there is much to process at RSA. Having let the input settle over the weekend, here are a few of my takeaways from RSA Conference 2016.

Read More

Many Thoughts about RSA 2016

Posted: March 07, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, rsa conference

RSA 2016 was a whirlwind of meetings, discussions, and cocktail parties. Now that I’m back home and have had a weekend to reflect on the conference, here are a few words to describe my impressions of this year’s show:

Read More

Thoughts from the dark side

Posted: March 02, 2016   /   By: Steve Duplessie   /   Tags: rsa conference

rsa conference 2016I’m lucky. After doing this for 17 years and having brilliant people that actually know what they speak of, I've been able to opt out of the big conference world. This year I opted in to RSA. Why? Because this industry is fascinating to me. We are at a rare point in time: most revolutionary/evolutionary tech industry explosions happen when one primary catalyst (an event, a technology, a company) creates net new value and the VCs then fund a ton of wannabes to try to eat the scraps left behind. During that period, we have a ton of companies who all sound the same. They all look the same. They are all positioning themselves as having a better mousetrap.

This is true at RSA — in spades.

Read More

Posts by Topic

see all