ESG Blogs

I’ve spent a good amount of time talking to CISOs over the last few months to learn about their current priorities and how their jobs are changing. Of course, many of these security executives will be attending the RSA Security Conference in a few weeks. Based upon my meetings, here’s a sample of what CISOs will be looking for in San Francisco:

Early this morning, I received news that Splunk had announced its intention to acquire Phantom for $350m. Just as IBM purchased Resilient Systems a few years ago, Splunk decided to add a dedicated security operations automation and orchestration tool set to its SIEM platform.

If you want to understand what’s happening with AI and cybersecurity, look no further than this week’s news. On Monday, Palo Alto Networks introduced Magnifier, a behavioral analytics solution that uses structured and unstructured machine learning to model network behavior and improve threat detection. Additionally, Google’s parent company Alphabet announced Chronicle, a cybersecurity intelligence platform that throws massive amounts of storage, processing power, and advanced analytics at cybersecurity data to accelerate the search and discovery of needles in a rapidly growing haystack. 

Jerry Skurla, CMO at Bay Dynamics, stopped by the ESG studio a few weeks ago to chat about SOAPA. In part 2 of our video, we discuss:

1. The role of machine learning. Enterprise organizations are embracing artificial intelligence for cybersecurity but remain confused about what it does and how they benefit. Jerry talks about machine learning and its ability to understand “normal” behavior. When it does find anomalies, they can be further categorized into benign or real issues. In this way, machine learning can help reduce all the noise in security operations – a welcome advancement.

A few years ago (2016), my esteemed colleague Doug Cahill and I spoke with 30 enterprise organizations on their endpoint security requirements and strategies. Based upon these discussions, we came up with a concept called the endpoint security continuum. 

On one end of the continuum lies advanced threat prevention. This software is sometimes referred to as “next-generation AV” because it uses technologies like machine learning and threat intelligence integration to improve the threat prevention capabilities of traditional AV products. 

ESG recently completed our annual IT spending intentions research in which the study gauged not only spending plans, but top of mind IT and cybersecurity considerations for economic buyers. With strengthening cybersecurity tools and process being the most important IT meta-trend, and cybersecurity the largest area of projected incremental spend, this video blog explores the dynamics that are driving cybersecurity priorities, including: 

In this video blog, ESG’s cybersecurity analysts, Jon Oltsik and myself, share some of the cybersecurity developments on our radar screen that we expect to be especially relevant in 2018 including: 

• Cloud computing chaos and how cloud services will become more prominent in addressing – and spawning – threats and vulnerabilities, including the need to better protect data resident in poorly configured AWS S3 buckets.

Bay Dynamics CMO, Jerry Skurla, stopped by ESG to discuss how the company participates in security operations and analytics platform architecture (SOAPA). In part one of our video, Jerry and I discuss:

For over a year now, I’ve written about a burgeoning security technology initiative that ESG calls a security operations and analytics platform architecture (SOAPA).  Here’s a link to original blog I posted about SOAPA back in November 2016.