Endpoint Detection and Response (EDR) Is Coming – In One Form or Another

A few years ago (2016), my esteemed colleague Doug Cahill and I spoke with 30 enterprise organizations on their endpoint security requirements and strategies. Based upon these discussions, we came up with a concept called the endpoint security continuum.

On one end of the continuum lies advanced threat prevention. This software is sometimes referred to as “next-generation AV” because it uses technologies like machine learning and threat intelligence integration to improve the threat prevention capabilities of traditional AV products. 

Topics: Cybersecurity antivirus software SOAPA EDR

Key Cybersecurity Findings from ESG’s 2018 IT Spending Intentions Research (Video)

ESG recently completed our annual IT spending intentions research in which the study gauged not only spending plans, but top of mind IT and cybersecurity considerations for economic buyers. With strengthening cybersecurity tools and process being the most important IT meta-trend, and cybersecurity the largest area of projected incremental spend, this video blog explores the dynamics that are driving cybersecurity priorities, including:

Topics: Cybersecurity cybersecurity skills shortage IT Spending Intentions ransomware SOAPA GDPR

2018 Cybersecurity Radar Screen (Video)

In this video blog, ESG’s cybersecurity analysts, Jon Oltsik and myself, share some of the cybersecurity developments on our radar screen that we expect to be especially relevant in 2018, including:

  • Cloud computing chaos and how cloud services will become more prominent in addressing – and spawning – threats and vulnerabilities, including the need to better protect data resident in poorly configured AWS S3 buckets.

Topics: Cybersecurity SOAPA security operations and analytic platform 2018 Predictions

SOAPA Video with Bay Dynamics (Part 1)

Bay Dynamics CMO, Jerry Skurla, stopped by ESG to discuss how the company participates in security operations and analytics platform architecture (SOAPA). In part one of our video, Jerry and I discuss:

Topics: SOAPA Bay Dynamics

CISOs Should Examine Commercial SOAPA Offerings in 2018

For over a year now, I’ve written about a burgeoning security technology initiative that ESG calls a security operations and analytics platform architecture (SOAPA). Here’s a link to the original blog I posted about SOAPA back in November 2016.

Topics: Cybersecurity SIEM security operations SOAPA

SOAPA Video with Kenna Security (Part 2)

In part 2 of the video with Kenna Security, CEO Karim Toubba continued to explain why and how vulnerability and risk management have a fundamental place within a security operations and analytics platform architecture (SOAPA). Our discussion focused on:

  • The cybersecurity skills shortage. Anyone who's read my blogs knows this is a frequent topic of mine as I believe the cybersecurity skills shortage represents an existential risk to all our online safety. Karim agrees that it’s a problem and believes we need to apply compute cycles and artificial intelligence algorithms to process, analyze, and act upon the growing mountain of security data.

Topics: Cybersecurity SOAPA security operations analytics platform Kenna Security

CISO’s New Year’s Resolutions

Most people have a few New Year’s resolutions – lose some weight, exercise more, spend more time with the family, etc. Based upon ESG research and many discussions with cybersecurity professionals, here’s a list of New Year’s resolutions for enterprise CISOs:

  1. Lead the effort to make cybersecurity part of the organizational culture. ESG/ISSA research indicates that 24% of organizations claim that business managers still don’t understand or support the right level of cybersecurity. In 2018, CISOs must alter this cybersecurity ignorance and apathy. How? Make a concerted effort to gain the CEO's support. Establish regular communications with all line-of-business managers. Work to better quantify risk in ways that business managers can understand and act upon. Get involved with business process initiatives before software developers begin writing code. Push HR for more hands-on training. Walk the floor and meet employees on a regular basis. CISOs must push as hard as they can in 2018. Those that make a difference can have a personal impact on risk mitigation across the organization. Those that fail should be ready to seek other employment in 2019.

Topics: Cybersecurity CISO ISSA SOAPA

SOAPA Video with Kenna Security (Part 1)

Karim Toubba, CEO of Kenna Security, stopped by the ESG studio to discuss SOAPA and its application to vulnerability management. In part 1 of our video, Karim and I discuss:

  1. The problem with vulnerability management. Vulnerability management is one of the most mature categories of cybersecurity technology so I pressed Karim on why it applies to a new architecture like SOAPA. His response was intriguing – the issue is sorting through all the data as enterprises are dealing with millions of vulnerabilities across a full technology stack from host systems to applications to cloud workloads. SOAPA and new types of data analytics can help organizations process and manage the data, making it more useful for decision making.

Topics: Cybersecurity vulnerability management SOAPA Kenna Security

A Few Cybersecurity Predictions for 2018

Over the past few weeks, dozens of people have reached out to me with their cybersecurity predictions for 2018. Some prophecies are fairly obvious (ransomware will continue in 2018) while at the other extreme, some people are pushing doomsday forecasts aimed at garnering press hits (i.e., the US will suffer a cyber-attack in 2018 that knocks out the power grid for a substantial amount of time).

Topics: Cybersecurity SIEM cloud security machine learning SOAPA GDPR

SOAPA Video with Arbor Networks (Part 2)

In the second part of my SOAPA video with Arabella Hallawell from Arbor Networks, we discuss:

  1. SOAPA technology integration. Arbor Networks partners with lots of network service providers, giving the company a bird’s eye view of Internet traffic. The company uses this position to monitor, collect, and curate threat intelligence through its ASERT team. As part of its network security analytics products and services, it adds CTI to give customers an understanding of malicious activities happening inside and outside of their networks. Of course, integrating internal network telemetry and CTI is one of the principles of SOAPA.

Topics: Cybersecurity security operations cyber threat intelligence network security analytics SOAPA Arbor Networks Arabella Hallawell