Addressing advanced malware in 2014

In the cybersecurity annals of the future, 2013 may be remembered as the year of advanced malware. Yes, I know that malware is nothing new, and the term "advanced" is more hype than reality: a lot of the attacks that made headlines involved little more than social engineering and off-the-shelf exploits. That said, I think it's safe to say that this is the year the world really woke up to the dangers of malware (advanced or not) and is finally willing to address the risk.

So how will enterprise organizations (i.e., more than 1,000 employees) change their security strategies over the next year to mitigate the risks associated with advanced malware threats? According to ESG research:

  • 51% of enterprise organizations say they will add a new layer of endpoint software to protect against zero-day and other types of advanced malware. This is a good opportunity for Kaspersky, McAfee, Sophos, Symantec, and Trend Micro to talk to customers about innovation and new products, but the old guard has to move quickly to prevent an incursion by newer players like Bit9, Bromium, Invincea, and Malwarebytes. The network crowd (i.e., Cisco, Check Point, FireEye, Fortinet, Palo Alto Networks, etc.) may also throw a curveball at the endpoint security vendors. For example, Cisco (Sourcefire) is already selling a combined endpoint/network anti-malware solution built from FireAMP on the endpoint and FirePOWER on the network.
  • 49% of enterprise organizations say they will collect and analyze more security data, hence my prediction for an active year in the big data security analytics market: good news for LogRhythm and Splunk. Still, there is a lot of work to be done on both the supply and demand sides for this to really come to fruition.
  • 44% of enterprise organizations say they will automate more security operations tasks. Good idea, since today's manual security processes and the informal relationship between security and IT operations are killing the effectiveness and pace of security remediation. Again, this won't be easy, as there is a cultural barrier to overcome, but proactive organizations are already moving in this direction. If you are interested in this area, I suggest you have a look at Hexis Cyber Solutions' Hawkeye G product. It is forward-thinking remediation technology.
  • 41% of enterprise organizations say they will design and build a more integrated information security architecture. In other words, they will start replacing tactical point tools with an architecture composed of central command and control along with distributed security enforcement points. Good idea; CISOs should create a 3-5 year plan for this transition. A number of vendors, including HP, IBM, McAfee, RSA Security, and Trend Micro, are designing products in this direction with the enterprise in mind.

Dell’s Most Secure PC Initiative Presents a New Opportunity

When it comes to selling PCs to business organizations, Dell has long held a well-deserved reputation for aggressive pricing, tailored customization services, and strong customer service. Okay, but what about endpoint security? In the past, Dell sales reps would simply open their catalog and let the customer choose from a vast list of partner options. Want AV software, full-disk encryption, or biometric authentication? Dell would simply ask its customers to choose from dozens of partner options in each area.


Endpoint Security: The Next Generation

When you mention endpoint security in conversation, it's not unusual to get some type of visceral response: eyes rolling, sighs, etc. Security professionals and the industry at large think of endpoint security as a commodity or a "necessary evil." Some of my fellow analysts have gone so far as to say that endpoint security as a category is dead (that's an old analyst trick for declaring that you've come up with some new model).
