CISO Perspective on the RSA Security Conference

I’ve spent a good amount of time talking to CISOs over the last few months to learn about their current priorities and how their jobs are changing. Of course, many of these security executives will be attending the RSA Security Conference in a few weeks. Based upon my meetings, here’s a sample of what CISOs will be looking for in San Francisco:

Topics: Cybersecurity threat intelligence CISO SOAPA

The Proactive CISO

I’ve spent a good amount of time speaking with CISOs over the past month and plan to write up a report about what I’m learning sometime after the RSA Security Conference. In the meantime, it’s become crystal clear to me that CISOs are becoming more and more proactive in their jobs in a few areas including:

Topics: Cybersecurity threat intelligence CISO privacy GDPR

2018: The Year of Advanced Threat Prevention

A few years ago, the cybersecurity industry adopted a new mindset that went something like this: 

Topics: Cybersecurity threat intelligence antivirus

Toward Strategic and Proactive Threat Intelligence Programs

In 2015, ESG did an in-depth research project on cyber threat intelligence usage at enterprise organizations (i.e., more than 1,000 employees). The goal of this project was to determine how large firms were using threat intelligence, what challenges they faced, how they were addressing these challenges, and what their strategies were moving forward.

  • The research revealed that many threat intelligence programs were relatively immature – 40% of threat intelligence programs had been in place less than 2 years at that time. Cybersecurity professionals were also asked to identify the top objectives for their organization’s threat intelligence program. The top results were as follows:
Topics: Cybersecurity threat intelligence

More on operationalizing threat intelligence

Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber-threats.  Overall malware volume is down but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97% of all malware variants are seen only one time. In other words, they are designed to target and attack specific organizations.

Topics: Cybersecurity threat intelligence security analytics

Operationalizing threat intelligence

In 2015, I conducted some in-depth research around enterprise organizations’ consumption, use, and sharing of threat intelligence (login required). Time and time again, I heard cybersecurity professionals proclaim that their organizations had to do a better job “operationalizing” threat intelligence. 

Topics: Cybersecurity threat intelligence

Threat intelligence gateways

According to ESG research, enterprise organizations continue to invest in all types of threat intelligence. For example, 60% of organizations have had a threat intelligence program in place for more than 2 years, 69% consume 6 or more open-source or commercial threat intelligence feeds as part of cybersecurity analytics efforts, and 72% of enterprises plan on increasing spending on their threat intelligence programs over the next 12 to 18 months.

Topics: Cybersecurity threat intelligence

Cybersecurity Industry News, 2/2016

Just five weeks into 2016 and it’s already been a busy year for the cybersecurity industry. Here are just a few highlights so far:

Topics: Cybersecurity threat intelligence ICOPs

Blue Coat Doubles Down on CASB

The CASB market, as relatively new as it is, is experiencing an accelerated maturation process, looking at the number of acquisitions, late-stage venture funding, and the entry of established brands. And it makes perfect sense: controlling the access to SaaS apps and protecting the associated corporate data assets heading north to the cloud is a broad-based concern exacerbated by the BYOD and telecommuting aspects of mobility.

Last week's announcement of Blue Coat's acquisition of Elastica is a notable marker of the rapid evolution of this cybersecurity segment with the company clearly doubling down on the palpable cloud access and control security market opportunity by following up their July acquisition of Perspecsys to further bolster their CASB offering. Already possessing essential network-based elements in its ProxySG proxy gateway and SSL decryption products, Blue Coat has key solution components — and this acquisition warrants looking at how these pieces fit together and what this may portend for the CASB market.

Topics: Cybersecurity threat intelligence

Stop CISA!

I’ve been following cybersecurity legislation for a number of years, including all the proceedings with the Cybersecurity Information Sharing Act (CISA). After much deliberation, I believe that CISA remains fundamentally flawed and needs a lot more work before it becomes the law of the land. 

Topics: Cybersecurity threat intelligence