Visit one of the Subject Area Blogs or ESG Analyst Blogs by clicking any link below:
|Application Development & Deployment Truths||The Bigger Truth||Insecure About Security|
|Cloud Computing Truths||Big Data, the Universe, and Everything||IT Artillery|
|Data Management & Analytics Truths||The Business of Storage||IT Depends|
|Data Protection Truths||Channeling IT||Liquefying IT|
|Information Security Truths||Decoding Development and Developers||Technical Optimist|
|Networking Truths||ESG Lab Blog|
Individual Author Blogs can be found via EXPLORE, selecting the Author, and clicking on "Read blog."
In the early 1900s, Henry Ford was intent on making the Model T an affordable car for the masses. To do so he had to figure out a way to vastly improve the company’s manufacturing efficiency in order to lower consumer prices. Ford’s solved this problem by adopting a modern manufacturing assembly line based upon four principles: interchangeable parts, continuous flow, division of labor, and reducing wasted efforts.
According to ESG research, 75% of organizations use public cloud services of one kind or another today. A majority (65%) use SaaS, 38% use IaaS, and 33% use PaaS. In terms of IaaS, Amazon Web Services (AWS) is still the king of the hill, but many large enterprises are implementing or kicking the tires on alternatives.
Just five weeks into 2016 and it’s already been a busy year for the cybersecurity industry. Here are just a few highlights so far...
My colleague Doug Cahill and I are knee deep into a research project on next-generation endpoint security. As part of this project we are relying on real-world experience, so we’ve interviewed dozens of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) who have already deployed new types of endpoint security software.
Anyone familiar with identity management knows that it can be extremely messy — lots of tactical tools, access policies, multiple data repositories, manual processes, etc. Furthermore, user authentication continues to be anchored by user names and passwords making nearly every organizations vulnerable to credentials harvesting, identity theft, and cyber-attacks.
In 2012, I did an extension research project on big data security analytics. My thesis was that big data tools like Hadoop, Mahout, MapReduce, and Pig would greatly enhance in-depth historical cybersecurity investigations beyond anything provided by SIEM tools. In retrospect I believe my assumptions were correct but the market remains in an early stage of development even today.
Depending upon whom you believe, there are roughly 800 to 1200 companies selling cybersecurity products and services to end customers. Yes, the cybersecurity market is forecast to be around $70 billion this year but that’s still a lot of vendors.
Remember advanced persistent threats (APTs)? This term originated within the United States Air Force around 2006. In my opinion, it gained more widespread recognition after the Google “Operation Aurora” data breach first disclosed in 2010. This cyber-attack is attributed to groups associated with China’s People’s Liberation Army and impacted organizations like Adobe Systems, Juniper Networks, Northrop Grumman, Symantec, and Yahoo in addition to Google.
I’ve been focused on security analytics for several years, and spent a good part of 2015 investigating technologies and methodologies used for incident response. Based upon lots of discussions with cybersecurity professionals and a review of industry research, I’ve come up with a concept I call the incident response “fab five.”
My colleague Doug Cahill and I recorded a video shortly before the holidays outlining what we're expecting to see in 2016 in the cybersecurity space. We're excited to share that video with you now.