Second half predictions for big data & analytics

As summertime rolls on, we can enjoy a little sun, a little rest, and a big opportunity to reflect on the key trends to watch in the second half of 2016. Here are a few of my predictions of what comes next:

Topics: Internet of Things Data Platforms, Analytics, & AI

Squirrel! What to chase at Black Hat 2016

Being a cybersecurity industry analyst can be a bit like a dog on a walk. Squirrel! And off you go. Which is to say creating a plan for Black Hat next week, be it which sessions to attend, what tech to look for, what trends to double-click on (never mind what parties to hit), can be challenging. With an attempt to keep some of the squirrels out of my peripheral vision, here a few of the ones I’ll be chasing next week at Black Hat 2016.

Topics: Cybersecurity Black Hat

Anticipating Black Hat

I was at Cisco Live a few weeks ago in the 100+ degree heat of Las Vegas and like other cybersecurity professionals, I am off to Sin City again next week for Black Hat.

Topics: Cybersecurity Internet of Things Black Hat

Russian DNC hack — a cybersecurity microcosm

According to ESG research, 31% of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe the threat landscape is much worse today than it was 2 years ago, while another 36% say the threat landscape is somewhat worse today than it was 2 years ago.

Topics: Cybersecurity

Swimming application security upstream with SecDevOps

I used a metaphor during a cloud security webinar this week to explain how SecDevOps is an opportunity to “swim security upstream”, an expression that reminded me of an aspect of being a QA Manager earlier in my career. Our software development process included an acceptance phase, which, for repeatability, we executed by running a set of automated tests through a harness. Too often basic mistakes would be found, resulting in the build being rejected and thrown back over the wall to Dev, as it was back in the days of waterfall.

These inefficiencies highlighted the need to swim quality upstream in the dev process by requiring unit tests before release engineering ran a build and handed it off to QA. Just as was the case with such quality assurance steps, so too often are application security best practices performed late in the cycle, if at all. Enter SecDevOps.

Topics: Cybersecurity Cloud Services & Orchestration

The future of flash is guaranteed

When do we stop using the term "flash storage"? When does it become just "storage"? And when do we as an industry shift the qualifier to "mechanical spinning disk media"? That future may be a lot sooner than you might think. The industry perception of flash storage is transforming from why to why not as I write. At some of the more recent storage industry events I have attended, when a question is asked about the potential of flash storage, the storage administrators in the audience are just as likely as the presenter to speak up and sing the praises of all-flash storage.

Topics: Storage Cybersecurity

Cybersecurity: a vertical industry application?

Cybersecurity has always been a horizontal technology practice that’s roughly the same across all industry sectors. Yes, some industries have different regulations, use cases, or business processes that demand specific security controls, but overall every company needs things like firewalls, IDS/IPS, threat management gateways, and antivirus software regardless.

Topics: Cybersecurity Internet of Things

From rattling cages to moving goalposts — DataCore & the storage industry

Not so long ago, I wrote a blog about the stupendous industry benchmark numbers that DataCore had achieved. Well, they've just recently outdone themselves. More on that in a moment, but this blog has a wider intent than just noting its "stupendouser" (!) numbers.

Topics: Storage

The gold standard for data protection keeps evolving

Yes, of course, data protection has to evolve to keep up with how production platforms are evolving, but I would offer that the presumptive ‘gold standard’ for what is the norm for those on the front lines of proactive data protection is evolving in at least three different directions at the same time. 

Here is a 3-minute video on what we are seeing and what you should be thinking about as the evolutions continue.

Topics: Data Protection

Cisco: from CLI to cloud

With DNA, Cisco is prepping for a future where network devices can be managed from the cloud.

At last week's Cisco Live, I heard about how Cisco is working to change how network devices will be managed in the future. This will be a gradual evolution, rather than a sudden blockbuster change, but will require some adjustment for traditional networking administrators accustomed to CLI. 

Topics: Networking

Crypto:  Nominated to the Cybersecurity Canon

If you are a cybersecurity professional or interested in cybersecurity at all, you should be familiar with the Cybersecurity Canon. Just what is a Canon? There are lots of definitions but that one that applies here is, “a sanctioned or accepted group or body of related works.” With this definition in mind, the stated goal of the Cybersecurity Canon is:

“To identify a list of must-read books for all cybersecurity practitioners -- be they from industry, government, or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.”

Topics: Cybersecurity

Carbon Black’s Acquisition of Confer Marks NGES Transition from Tools to Platform

Endpoint security is a market in transition with over 50 vendors vying for the same real estate, which entails either protecting one’s install base or displacing the incumbent, often by the means of a Trojan Horse. Recent research conducted by ESG indicates a dichotomy with respect to how organizations are adoption next gen endpoint security (NGES) controls, with some opting for advanced preventative controls and others for detection and response capabilities. But this isn’t because customers don’t prefer a single solution that provides all of the above—it’s because they’re dismissive of the advance controls from their existing AV vendor and don’t feel a next gen endpoint security platform exists.

Carbon Black’s acquisition of Confer marks an evolution in the next generation endpoint security market based on its plan to integrate this prevention technology into its cloud-delivered platform, which already covers the detect and response end of the spectrum. Here are few thoughts  a double-click down. 

Topics: Cybersecurity

What a Relief! The Federal Appeals Court Just Saved the Cloud

I've been following a case the Department of Justice brought against Microsoft for about a year and a half now. The issue? The DoJ subpoenaed Microsoft for customer email data. The catch was the email data was stored in a data center in Ireland, so Microsoft said no. 

Initially one would think that this is easy - the data is in Ireland, so it is subject to Irish data governance laws, right? It's an issue of data sovereignty - that data treatment is governed by the laws of the country in which it is located. But a district court judge ruled in July 2014 - two full years ago - that because the data was managed and controlled from the good old USA, and could be retrieved by someone here, that it is indeed subject to US law - it is a matter of where it is managed from, not stored.

Topics: Converged Infrastructure Cloud Services & Orchestration

Cybersecurity Highlights from CiscoLive

Cisco is just wrapping up its annual CiscoLive customer event. This year’s proceedings took over Las Vegas, occupying the Bellagio, Luxor, Mandalay Bay, and MGM Grand hotel. At least for this week, Cisco was bigger in Vegas than Wayne Newton, Steve Wynn, and even Carrot Top.

While digital transformation served as the main theme at CiscoLive, cybersecurity had a strong supporting role throughout the event. For example, of all of the technology and business initiatives at Cisco, CEO Chuck Robbins highlighted cybersecurity in his keynote presentation by bringing the GM of Cisco’s cybersecurity business unit (David Goeckeler) on stage to describe his division’s progress. 

Topics: Cybersecurity

A case study in how to #EpicFail at a product launch

Last week provided a case study in how to #EpicFail at a product launch. The vendor in question took a fresh look at the market and then created a completely new offering, built on a trusted brand, but stretching in a new and intriguing direction. And then, it completely failed in its first days in market.

Topics: Data Protection

IBM's cloudy future

Last week, I attended IBM’s Cloud Summit in New York. This was IBM’s opportunity to re-affirm its commitment to the cloud, and to enlighten us about IBM’s future. Over the course of the day, IBM Cloud’s senior management team detailed their cloud strategy, execution, and future plans.

Topics: Cloud Services & Orchestration

Partner portals — love that dirty water

Nobody wants to dive into a dark, murky river, and if I had a nickel for every time I heard that a partner portal is only for good deal registration, I’d be rich. There was a time when deal registration was the soul of the portal, and everything else around it was broken, obsolete or hard to find.

12 years ago I remember working on my first partner portal. I thought it was funny that it was basically a gated website that contained much of the same information as the company’s public-facing site. Sure, we would put up sales enablement tools, deal registration, link to an LMS, and post details about the partner program but that was really it.

Topics: Channel

OMG! It’s ODM!

TLAs (three-letter abbreviations) have now crept into every facet of our lives, and there’s one that is having a major impact on the IT channel.

It’s the early impact that ODM (Original Design Manufacturer) products are having on the way customers think about their data center hardware purchases, and as a result, how channel partners are now adjusting their sourcing and go-to-market strategies.

Topics: Channel

Operationalizing threat intelligence

In 2015, I conducted some in-depth research around enterprise organizations’ consumption, use, and sharing of threat intelligence (login required). Time and time again, I heard cybersecurity professionals proclaim that their organizations had to do a better job “operationalizing” threat intelligence. 

Topics: Cybersecurity