ESG Blogs

Over the past few years, the RSA Security Conference has become a marquee technology industry event. It has really outgrown its humble roots in cryptography and Layer 3 and 4 packet filtering – now RSA is where technology industry bigwigs meet, drink exquisite Napa Valley wine, get a broad perspective of the cybersecurity industry, and do deals.

RSA’s emergence as a “must-attend” technology industry event is a good thing on balance. For one week of the year, business, government, and technology leaders descend on San Francisco and shed a spotlight on the global state of cybersecurity. But while this attention is a good thing, RSA has evolved into a high-level affair, focusing on the “why” questions surrounding cybersecurity.

Enter Black Hat, which takes place next week in Las Vegas. Rather than concentrate further on “why” questions, Black Hat is where you go to explore “how.”

In my previous blog, What’s a Workspace?, I helped put some structure around workspaces and highlighted the key attributes. Now that we have a better understanding of what goes into a workspace and provisioning based on identity, we turn our focus to creating a workspace.

Some people like putting together jigsaw puzzles, and some people like buying paintings. Both approaches are pretty popular in the world of big data, though perhaps the nature of analytics in business tends to skew things heavily toward the "some assembly required" side of the spectrum. This is not a trivial problem, but it's a problem that does need to be solved. Connecting data sources, preparing data, developing analytical models, sharing findings...in any normal workflow, there are a number of steps to be taken, and a much larger number of technologies that will come into play.

I have been writing about cybersecurity technology integration a lot lately. For example, here’s a blog I posted in May of this year about the cybersecurity technology integration trends I see in the market. 

Elaborating on a point from a recently published blog, What’s a Workspace?

We like to think of this as a transformation from personal computing (PC), where a user was typically associated with a device, to PCS (productivity, communication, and security), where users are associated with a workspace that can be accessed from a variety of devices and locations.

The user should be at the nucleolus of a mobility strategy. In the past, we have really managed everything from a device perspective, but with the onslaught of businesses embracing mobility to enhance their employee productivity, the swing toward putting the user at the center of the workspace is upon us.

Google’s recent announcement to become a sponsor of the OpenStack foundation was a virtual coup for the open source community. With the likes of traditional technology vendors like IBM, HP, Cisco, EMC, Red Hat and others already onboard the OpenStack bandwagon, adding Google to this prestigious mix nicely rounds out the foundation’s “Who’s Who” of technology luminaries. 

I first met cybersecurity veteran, Rick Howard, when he joined Palo Alto Networks as Chief Security Officer. During our discussion, Rick mentioned an idea he was promoting for a cybersecurity canon: A list of must-read books for all cybersecurity practitioners -- be they from industry, government, or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and that, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.

It has been a few days now since word got out that Microsoft signed a letter of intent to acquire Adallom. Since we apparently do not yet have a definitive agreement in place, we have not heard from either party on the synergies and points of leverage this acquisition provides, some of which are obvious, others more nuanced. In any case, this news highlights some fundamental dynamics for how this emerging and highly relevant security product category will develop. But, first, some context setting is in order.

In my most recent blog, I described how a recently published ESG research report on threat intelligence revealed a number of issues around commercial threat intelligence quality. As part of a recent survey of cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees), ESG found that:

We are all aware of the PC era when desktop computing made massive waves inside businesses and truly transformed the way employees worked. Today, we are headed into a very similar situation with mobility as it relates to new devices, new roles, and an interesting balance between corporate and personal computing. The days of being tethered to a desktop or laptop are rapidly changing. Heightened awareness concerning security, the many threat vectors being injected into every instantiation of the corporate computing environment, and the opportunities to unleash the potential inside smartphones and tablets are fascinating subjects.

Here are a few items to keep an eye on:

While cyber threat intelligence hype is at an all-time high across the industry, many enterprise organizations are actually building internal programs and processes for threat intelligence consumption, analysis, and operationalization. 

Here we are in the doldrums of summer, and yet endpoint security is as hot as the sweltering heat! This week alone, we got the news of CrowdStrike’s $100M in Series C financing on what is speculated to be a $1B valuation, as well as CounterTack’s acquisition of ManTech Cyber Solutions International (MCSI). The race is on to capture endpoint security footprint and market share to help organizations shore up the knowledge worker soft spot that is all too often the attack vector of choice. There are a number of interesting aspects of each piece of news, as well as some takeaways relevant to this dynamic market segment.

In 2014, ESG published a research report on network security. Cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked to identify some of their biggest network security challenges. The data revealed that:

It has often been said that there is strength in numbers. At the NYC AWS Summit, AWS CTO Werner Vogels flexed Amazon’s collective cloud muscles by pointing out that AWS has 10x the cloud capacity in use than all of the other cloud providers put together. I guess there are exceptions to that old "strength in numbers" aphorism. 

ESG has been tracking cloud-delivered desktop and applications closely and while we don’t see businesses making massive shifts to this delivery model, it certainly has its benefits, which include:

It wouldn’t be a stretch to call 2015 the year of threat intelligence. In February, President Obama signed an executive order at a cybersecurity event held at Stanford University that encourages and promotes threat intelligence sharing between the private sector and federal government. Meanwhile, the US Congress has introduced several threat sharing bills of their own. And at the annual RSA Security Conference in April, threat intelligence was clearly one of the primary topics of discussion among cybersecurity professionals, technology vendors, and government representatives.

...Unless you are actually resolved to serve your customers well.

EMC made a surprise announcement today that it is spinning out the Syncplicity division to private equity firm Skyview Capital. EMC will retain a stake in the new company (which will be called Syncplicity), and Skyview exec Jon Huberman will lead the company as the new CEO. Most of the Syncplicity team will move to the new company – though existing leader Jeetu Patel will move on to bigger and better things outside of Syncplicity. The good news is that Jeetu built a strong team and the new company will benefit from his legacy.

Cybersecurity headlines have a new angle lately. Aside from discussions about the OPM breach and Chinese cyber-espionage, there are also lots of stories about 52-week high stock prices of cybersecurity darlings like CyberArk, FireEye, Palo Alto Networks, and Splunk. I’ve also read reports about imminent IPOs and investment firms that created several new cybersecurity ETFs. 

Having moved into a new house recently, I've had some shopping to do. No matter how much we brought along from the old place, inevitably getting settled involves buying more stuff to fill in the gaps. These items range from the trivial (light bulbs & trash bags) to the significant (new home theater kit - woohoo!). Living in a small town and working online all day makes it natural to search Amazon and eBay for the things we need. As I shop, I'm quite conscious of the digital profile being built about me and my proclivities. This doesn't bother me particularly, but it's interesting to see how (in)effectively the information is being utilized to market other offers to me. 

In a recent ESG research survey, respondents were asked “If they could start from scratch, what would they do from a data protection solution perspective?” with less than half of respondents stating that they would use their existing vendor/solution.

It’s important to remember that it’s not the device that is mobile, it’s the employee. Employees today are using mobile devices to perform their job responsibilities and while most of what ESG witnesses today is based on employees consuming information, we are seeing more evidence that demonstrates how employees are using smartphones and tablets for productivity purposes. This is a significant shift. It’s valuable for a mobile employee to view e-mail, patient records, important documents, and even videos, but there can be a significant leap in value for the business when the employee uses the device to input information and for productivity purposes.

It seems like everyone is talking about threat intelligence these days: the feds are promoting public/private threat intelligence sharing across the executive and legislative branches, and the industry is buzzing about threat intelligence feeds, sharing platforms, and advanced analytics.