Blogs

Visit one of the Subject Area Blogs or ESG Analyst Blogs by clicking any link below:

Application Development & Deployment Truths               The Bigger Truth Insecure About Security
Cloud Computing Truths               Big Data, the Universe, and Everything IT Artillery
Data Management & Analytics Truths               The Business of Storage IT Depends
Data Protection Truths               Channeling IT Liquefying IT
Information Security Truths               Decoding Development and Developers Technical Optimist
Networking Truths               ESG Lab Blog  
Storage Truths                  

Individual Author Blogs can be found via EXPLORE, selecting the Author, and clicking on "Read blog."

  • February 12, 2016

    Henry Ford and Incident Response

    In the early 1900s, Henry Ford was intent on making the Model T an affordable car for the masses. To do so he had to figure out a way to vastly improve the company’s manufacturing efficiency in order to lower consumer prices. Ford’s solved this problem by adopting a modern manufacturing assembly line based upon four principles: interchangeable parts, continuous flow, division of labor, and reducing wasted efforts.

    Learn More


  • February 9, 2016

    Heterogeneous Multi-Dimensional Cloud Security

    According to ESG research, 75% of organizations use public cloud services of one kind or another today. A majority (65%) use SaaS, 38% use IaaS, and 33% use PaaS. In terms of IaaS, Amazon Web Services (AWS) is still the king of the hill, but many large enterprises are implementing or kicking the tires on alternatives.

    Learn More


  • February 4, 2016

    Cybersecurity Industry News, 2/2016

    Just five weeks into 2016 and it’s already been a busy year for the cybersecurity industry. Here are just a few highlights so far...

    Learn More


  • February 1, 2016

    The Endpoint Security Continuum

    My colleague Doug Cahill and I are knee deep into a research project on next-generation endpoint security. As part of this project we are relying on real-world experience, so we’ve interviewed dozens of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) who have already deployed new types of endpoint security software.

    Learn More


  • January 28, 2016

    Security Requirements Are Driving Identity Management

    Anyone familiar with identity management knows that it can be extremely messy — lots of tactical tools, access policies, multiple data repositories, manual processes, etc. Furthermore, user authentication continues to be anchored by user names and passwords making nearly every organizations vulnerable to credentials harvesting, identity theft, and cyber-attacks.

    Learn More


  • January 25, 2016

    Time to Consider User Behavior Analytics (UBA)

    In 2012, I did an extension research project on big data security analytics. My thesis was that big data tools like Hadoop, Mahout, MapReduce, and Pig would greatly enhance in-depth historical cybersecurity investigations beyond anything provided by SIEM tools. In retrospect I believe my assumptions were correct but the market remains in an early stage of development even today.

    Learn More


  • January 19, 2016

    Cybersecurity Customer Segments in 2016

    Depending upon whom you believe, there are roughly 800 to 1200 companies selling cybersecurity products and services to end customers. Yes, the cybersecurity market is forecast to be around $70 billion this year but that’s still a lot of vendors.

    Learn More


  • January 15, 2016

    Network Security Sandboxes Driving Next-Generation Endpoint Security

    Remember advanced persistent threats (APTs)? This term originated within the United States Air Force around 2006. In my opinion, it gained more widespread recognition after the Google “Operation Aurora” data breach first disclosed in 2010. This cyber-attack is attributed to groups associated with China’s People’s Liberation Army and impacted organizations like Adobe Systems, Juniper Networks, Northrop Grumman, Symantec, and Yahoo in addition to Google.

    Learn More


  • January 11, 2016

    The Incident Response “Fab Five”

    I’ve been focused on security analytics for several years, and spent a good part of 2015 investigating technologies and methodologies used for incident response. Based upon lots of discussions with cybersecurity professionals and a review of industry research, I’ve come up with a concept I call the incident response “fab five.”

    Learn More


  • January 8, 2016

    Predictions for Cybersecurity in 2016

    My colleague Doug Cahill and I recorded a video shortly before the holidays outlining what we're expecting to see in 2016 in the cybersecurity space. We're excited to share that video with you now.

    Learn More



More Results: