Visit one of the Subject Area Blogs or ESG Analyst Blogs by clicking any link below:
|Application Development & Deployment Truths||The Bigger Truth||Insecure About Security|
|Cloud Computing Truths||Big Data, the Universe, and Everything||IT Artillery|
|Data Management & Analytics Truths||The Business of Storage||IT Depends|
|Data Protection Truths||Channeling IT||Liquefying IT|
|Information Security Truths||Decoding Development and Developers||Technical Optimist|
|Networking Truths||ESG Lab Blog|
Individual Author Blogs can be found via EXPLORE, selecting the Author, and clicking on "Read blog."
It seems like everyone is talking about threat intelligence these days: the feds are promoting public/private threat intelligence sharing across the executive and legislative branches, and the industry is buzzing about threat intelligence feeds, sharing platforms, and advanced analytics.
Given the booming state of the cybersecurity market, industry rhetoric is at an all-time high. One of the more nonsensical infosec banalities goes something like this: Cybersecurity has always been anchored by incident prevention technologies like AV software, firewalls, and IDS/IPS systems, but sophisticated cyber-adversaries have become extremely adept at circumventing status quo security controls. Therefore, organizations should give up on prevention and focus all their attention on incident detection and response.
To fully understand the state of cybersecurity at enterprise organizations, it’s worthwhile to review a bit of history. In the early days of Internet connectivity, information security was viewed as a necessary evil, so enterprise security budgets tended to be pretty stingy. CEOs didn’t want good security, they wanted “good enough” security, so they were only willing to provide minimal funding.
For years, endpoint security was defined by antivirus software and a few leading vendors like Kaspersky Lab, McAfee (Intel Security), Sophos, Symantec, and Trend Micro. This perception has changed over the past few years. CISOs are now demanding endpoint profiling, advanced threat detection, and forensic capabilities, opening the door for other vendors like Bit9/Carbon Black, Cisco, Confer, FireEye, ForeScout, Great Bay Software, Guidance Software, Invincea, Palo Alto, RSA, SentinelOne, Tanium, etc.
I’ve been meaning to write this blog since returning from San Francisco in April and I’ve finally gotten around to it. With the dangerous threat landscape and seemingly endless string of data breaches, there was quite a bit of industry bashing at this year’s RSA conference. Discussions featured numerous sound bites accusing the cybersecurity industry of "being stuck in the dark ages," and claiming that the industry "has failed its customers." Pretty strong stuff.
In anticipation of CiscoLive in San Diego, I posted a blog last week describing my thoughts on Cisco’s cybersecurity portfolio. After attending the event this week, I’m ready to further elaborate on these opinions by grading Cisco Cybersecurity in a number of areas...
A few short years ago, Cisco was deep in the cybersecurity doldrums. In spite of years of market leadership with products like Cisco PIX firewalls, IronPort (e-mail security), and IDS/IPS blades on Catalyst switches, the company seemed to have squandered its enviable market position. Alas, Cisco had swung and missed on security management (MARS) and endpoint (Okena) and had fallen behind companies like Fortinet, Juniper, and Palo Alto in its own network security backyard.
I participated in the Cyber Exchange Forum earlier today, an event sponsored by the Advanced Cyber Security Center (ACSC). The featured speaker was Sean Kanuck, National Intelligence Officer for Cyber Issues, Office of the Director of National Intelligence. In this role, Sean directs the production of national intelligence estimates (for cyber-threats), leads the intelligence community (IC) in cyber analysis, and writes personal assessments about strategic developments in cyberspace.
Based upon anecdotal evidence, I estimate that the average large enterprise organization uses more than 70 different security tools from an assortment of vendors. As they say in Texas, “that dog don’t hunt.” In other words, it’s nearly impossible to maintain strong security hygiene or establish best practices when the security organization is chasing cybersecurity optimization on a tool-by-tool basis.
Here’s a scenario we’ve all encountered: You go to a nice restaurant to enjoy a meal and the whole experience turns sour. The service is terrible, your entrée arrives before your salad, and your food is overcooked and virtually inedible.