Cyber Risk Management Continues to Grow More Difficult

As part of a recent ESG research project, 340 enterprise cybersecurity, GRC, and IT professionals were asked to compare cyber risk management today with how it was two years ago. The data indicates that 39% of survey respondents believe that cyber risk management is significantly more difficult today than it was two years ago, while another 34% say that cyber risk management is somewhat more difficult today than it was two years ago.

Topics: Cybersecurity

Data Protection Conversations:  David Safaii, CEO of Trilio (Video)

The data protection market is going through many transitions and has never been more active. As customers face new challenges every day and look for solutions, I thought it'd be great to get perspectives from the vendors who help create these solutions. That's how this vlog was born. It consists of short interviews of executives from the vendor community in which they share their views on the market. 

In this edition of Data Protection Conversations, I speak with David Safaii, CEO of Trilio.   

Topics: Data Protection data protection conversations

Cyber Risk Management in Transition

At ESG, we are just about to publish some new research on cyber risk management and I’ve been knee-deep in the data for the past month. Here are a few of my initial impressions:

  • Business managers are far more involved than they used to be. A few years ago, business executives didn’t want good security, they wanted good enough security. Back then, security professionals bemoaned these half-hearted cybersecurity efforts, longing for CEOs with cybersecurity knowledge who were truly invested in strong cybersecurity controls and oversight. Note to cybersecurity pros, ‘be careful what you wish for.’ The ESG data indicates that corporate executives and boards are much more involved and demanding these days. This is forcing CISOs and infosec teams to collect and analyze more cyber risk data and present it to the mucky-mucks in business-friendly terms. The data indicates that this is already driving a new, more comprehensive model for cyber risk management.
Topics: Cybersecurity cyber risk management

Recapping VMworld Europe: Built-in Cybersecurity for Hybrid, Multi-Clouds (Includes Video)

As a follow-up to VMworld US in Las Vegas this past August, VMware reiterated its compelling albeit ambitious strategy at VMworld Europe in Barcelona. From my perspective, that strategy is well aligned with the flexibility today’s enterprises require – the ability to run any app on any cloud accessed from any device with intrinsic security. This is the true essence of hybrid clouds for which VMware has a comprehensive definition – private cloud, public clouds, as well as Telco clouds – and a plan to offer a hybrid cloud control plane with equally flexible delivery options.

Topics: Cybersecurity

Thomas Kurian and the Future of Google Cloud

With the departure of Diane Greene as CEO of Google Cloud, a lot of people in the cloud industry are asking, "What is next for Google and how does Oracle veteran Thomas Kurian drive it?" First, let's talk about Google's place among the hyperscale public clouds. Contrary to some industry observers, ESG research has found that 81% of companies are using two or more public cloud providers and 51% are using three or more. Even more important, our research has found that 97% of companies expect that number to increase or stay the same in three years.

What this all means is that the public cloud market is not consolidating down to one or two major vendors and the opportunity is there for Google Cloud in the marketplace. That being said, as public cloud use increases, we will see the market shift from simply grabbing the greenfield of cloud users to one that is increasingly competitive. Google is certainly looking at the challenges of going up against AWS, with its VMware partnership, and Microsoft Azure and the associated services, as well as others such as IBM and Oracle.

Topics: Cloud Platforms & Services

Citrix and Sapho Create Critical Conversation

While many will focus on the technology aspect Sapho brings to Citrix, I believe this acquisition is all about owning the conversation and executing on a vision. Citrix is in the fortunate situation where it is well known and liked by its customers and partners, but a spark has been missing to take customers beyond where they are today with Citrix investments. Sapho has the potential to provide the ignition to break through application delivery challenges and connect directly into employee workflows.

Thomas Kurian, New Google Cloud CEO

Diane Greene did a great job getting Google Cloud to this point, and now Thomas Kurian has an opportunity to build quickly and firmly on this foundation. Google finds itself in an interesting place in the market as it faces the leadership position of Amazon and Microsoft, and pushes to accelerate traction in the enterprise. One of Diane's priorities at Google was to build a partner ecosystem as she did at VMware. Google has managed partnerships with the likes of SAP, but I believe Google was expecting more pull from strategic partners at this point.

Topics: Cloud Platforms & Services

Three Expected Security Themes at AWS re:Invent 2018 (Video)

As a cybersecurity industry analyst, I am admittedly guilty of being myopic in looking for security to be the leading act in the keynote at major industry events. Such was the case at AWS re:Invents of the past when security was front and center starting with a discussion about the shared responsibility security model, the foundation of any cloud security program. That started to change in the last few years with security playing more of a supporting role in Andy Jassy's and Werner Vogels' keynotes. To be clear - it’s not that AWS is now being dismissive of security by any stretch, it’s simply that security is no longer an impediment to the adoption of public cloud platforms, at least those operated and secured by major CPS such as AWS, who has always treated security as job #1. AWS no longer needs to convince the market the cloud is secure, the conversation is now about how to meet your part of the shared responsibility model.

Topics: Cybersecurity AWS re:Invent

AWS re:Invent 2018 - What Should We Look Out For?

With what has become the dominant IT event of the calendar, AWS re:Invent keeps customers and partners excited and competitors on their toes with new announcements. But what should we expect from AWS at the show this year? I have a new video blog, discussing what I think will be the two keys areas for AWS, Cloud Services and Hybrid. Please watch the video below for my thoughts and predictions for AWS re:Invent 2018.

Topics: Cloud Platforms & Services AWS re:Invent

Best-of-Breed Security Products Still Dominate – Kind Of

The history of security purchasing centers around best-of-breed products. With each requirement, security professionals would research products, review third-party tests, bring in products for internal testing, and buy those that exhibited a superior ability to prevent, detect, or respond to cyber-attacks.

Topics: Cybersecurity