Goodbye SIEM, Hello SOAPA

Security information and event management (SIEM) systems have been around for a dozen years or so. During that timeframe, SIEMs evolved from perimeter security event correlation tools, to GRC platforms, to security analytics systems. Early vendors like eSecurity, GuardedNet, Intellitactics, and NetForensics are distant memories; today’s SIEM market is dominated by a few leaders: LogRhythm, McAfee (aka: Nitro Security), HP (aka: ArcSight), IBM (aka: QRadar), and Splunk.

Of course, there is a community of innovative upstarts that believe that SIEM is a legacy technology. They proclaim that log management and event correlation can’t keep up with the pace of cybersecurity today, thus you need new technologies like artificial intelligence, machine learning algorithms, and neural networks to consume, process, and analyze security data in real time.

Topics: Cybersecurity

Hybrid Cloud Through Common Applications with Microsoft and HPE


This week, I’m continuing with part 4 of a series of blogs I am writing about hybrid cloud and systems management. I’ve laid out three types of hybrid cloud:

  • Common Platform – Where the base infrastructure and virtualization platform are the same, allowing the common use of existing management tools and processes.
  • Common Applications/APIs – Where the end applications or application APIs are the same, allowing common applications to be developed across different platforms.
  • Common Management – Where the management tools have the capability to manage all the different environments, with a common interface and process.

In part 3, I talked about the idea of a common platform and how VMware and AWS are providing a great example of that type of hybrid cloud.

Topics: Cloud Services & Orchestration

VMware and AWS are Enabling Hybrid Cloud with a Common Platform


Hello again! This is part 3 of a series of blogs I am writing about hybrid cloud and systems management. In the previous part, I talked about how hybrid cloud was clearly underdefined in the industry and I laid out three specific types of hybrid cloud. Those types were:

  • Common Platform – Where the base infrastructure and virtualization platform are the same, allowing the common use of existing management tools and processes.
  • Common Applications/APIs – Where the end applications or application APIs are the same, allowing common applications to be developed across different platforms.
  • Common Management – Where the management tools have the capability to manage all the different environments, with a common interface and process.

Topics: Cloud Services & Orchestration

Which Job-related Factors Alienate Cybersecurity Pros?

When it comes to cybersecurity jobs, it is truly a seller’s market. According to ESG research published early this year, 46% of organizations report a problematic shortage of cybersecurity skills. Additionally, a more recent research report from ESG and the Information Systems Security Association (ISSA) indicates that 46% of cybersecurity professionals are solicited by recruiters to consider another job at least once each week!

The data indicates that there aren’t enough cybersecurity professionals around and those that are employed are in high demand. This puts a lot of pressure on CISOs and human resources people to make sure to keep their existing cybersecurity staff happy so they don’t walk out the door when they are barraged by headhunters’ calls. 

Topics: Cybersecurity ISSA

Why Machine Learning is the Future of Big Data

Just as big data has emerged to heavily disrupt traditional databases and data warehouses, machine learning will be the next big wave of advancement in data management. Why, you ask? There is a simple, one-word answer for you: "economics." They say any innovation has to be 10x better, faster, or cheaper to overcome the inertia of a traditional approach in IT. Apache Hadoop made it at least 10x less expensive to house data by distributing it across commodity hardware using open source software. Of course, there were (and still are) some rough edges and hidden costs, but this was compelling enough to get significant market traction versus legacy hardware and software. Weirdly, the core utility of Hadoop distributions has morphed towards being utilized mostly as a storage layer, with an ecosystem of other tools building analytics value above it.

Topics: Data Platforms, Analytics, & AI

Trump Remains Frighteningly Behind in Cybersecurity

As we move into 2017, cybersecurity concerns continue to escalate. These past few months, we’ve seen some scary incidents like the October 21 distributed denial of service (DDoS) attack on the DNS services at Dyn that used IoT devices like home routers and cameras as a botnet. Oh, and the last few months of the U.S. Presidential election featured data breaches of the DNC and Clinton campaign manager John Podesta’s email and the subsequent posting of this information on WikiLeaks.

Pretty alarming, and it doesn’t appear like things will be getting better anytime soon. This raises the question: What type of cybersecurity response can we expect from President Donald Trump’s administration? 

Of course, no one knows, but based upon what we know from the candidate and the campaign, President Trump’s cybersecurity policy looks uninformed, misguided, and elementary so far. 

Topics: Cybersecurity

Enterprise Mobility Exchange Event Highlights the Complexity of Mobility

When we conduct research at ESG, we are always inquiring about the sources of information that are most useful in helping to learn about, research, and evaluate technology products and services. “Interaction with peers” constantly tops the list, and was well reflected in the caliber of attendees at the Enterprise Mobility Exchange event I recently attended in Las Vegas. The majority of the event is dedicated to peer interaction, but attendees also receive 1-on-1 time with participating vendors. It’s an ideal way to “speed date” over several days to learn about new market innovation, potential resolutions to top challenges, and even get a glimpse into some roadmap discussions. The event is a win-win scenario for me as well, as I slice time between IT conversations and listen to fascinating discussions regarding business challenges and mobility success stories.

The primary takeaway was that mobility remains complex, and incorporates multiple pieces of technology, internal organizational alignment, and flexible business processes. Here are a few of the highlights.

Topics: Enterprise Mobility

AWS re:Invent Preview: The Case for Cloud-Delivered Security

The seminal cloud computing event, AWS re:Invent, is coming up, and cybersecurity is likely to once again be front and center, with Amazon, vendors, and customers all discussing best practices for securing cloud and hybrid cloud environments. At the same time, some cybersecurity vendors will be sharing how they leverage the agility and ubiquity of the cloud as a delivery platform to offer security-as-a-service.

Topics: Cybersecurity AWS re:Invent

Insights from the Enterprise Mobility Exchange Event, Las Vegas

This week I’m attending an Enterprise Mobility Exchange (EME) event in Las Vegas that invites a select group of senior level IT professionals into an environment to share ideas with and gain insight from a handful of sponsors consisting of IT vendors. Among this crowd are some fascinating leaders who have accelerated their mobility journey to include augmented reality, while others still wrestle with the ‘corporate versus personal’ experience.

This event 100% confirms the complexity of mobility and the broad list of considerations impacting the business results. Being here, I’ve also concluded that mobility trends around application development, security, and device management are still in their infancy. A few of the fascinating things I have witnessed are:

Topics: Enterprise Mobility

Goodbye NAC, Hello Software-defined Perimeter (SDP)

Those of us who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (a.k.a. Cisco NAC), Microsoft’s network access protection (NAP), and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).

Topics: Cybersecurity

Do You Wonder About or Fear Software-defined Storage? (Video)

Concern, confusion, and simple lack of understanding can all cause our nervousness to increase, and moreover cause people to do--or indeed not do--things that may not be best for them. Moreover there is a thing that I like to call the Assumption Gap, which only serves to make matters worse: it's that point at which new things go from "new and OK to enthusiastically discuss and investigate," to suddenly [apparently] being "understood - at least by everyone else! - and thus to studiously avoid investigating and discussing lest one displays supposed ignorance." This assumption gap can make erroneous or incomplete "knowledge" and rumors become received wisdom.

Topics: Storage

Answering the Question: What Exactly is Hybrid Cloud?

In my previous blog, I talked about my role at ESG covering systems management, DevOps, and PaaS, as well as how the use of the term hybrid cloud is almost a requirement for any product in the space. I think that many of you will agree with me that the entire idea of hybrid cloud is a little under-defined. 

Currently, most vendors define hybrid cloud on an architectural basis, as essentially any configuration with disparate cloud systems that are brought together. The definition is based mostly on the ideas that IT needs to have an on-premises environment linked to an off-premises, usually public or hosted, cloud. But for the practical implementations of hybrid cloud, we should more clearly define what a hybrid cloud can be. 

Topics: Cloud Services & Orchestration

Election Data Models Lesson for Cybersecurity

If you are like me, you were pretty convinced that Secretary Clinton was poised to be the President-elect. Confidence in this opinion was based on reviewing numerous big data analytics models from the, the New York Times, Princeton, etc. The lowest percentage gave Mrs. Clinton roughly a 65% chance of winning on November 8.

Topics: Cybersecurity

SDSN: Software-defined What?

A few weeks ago, I blogged about some of the many networking acronyms that can transform your data center.

Topics: Networking ESG Validation Services

In Politics (as in Channel Partnering), It’s All Personal

OK, so here we are at the end of a too-long, too-painful election process. No matter who your candidate was, or whether you are depressed, elated, nervous, excited…or some combination of all of the above, let’s talk about how we move forward and reflect on what we've learned.

Topics: Channel

How the US Election Polls Failed Us...

...and what it means for big data and analytics.

Topics: Data Platforms, Analytics, & AI

The Scary State of the Cybersecurity Profession

Most discussions about cybersecurity tend to go right to technology, and these days usually start with the words “next-generation” as in next-generation firewalls, IPS, endpoint security etc. I get it since innovative technology is sexy, but it’s important to realize that skilled cybersecurity professionals anchor cybersecurity best practices. We depend on actual people to configure controls, sort through data minutiae to detect problems, and remediate issues in a timely manner.

Since these folks protect all our digital assets daily, it’s only natural that we’d be curious as to how they are doing. To measure these feelings, ESG teamed up with the Information Systems Security Association (ISSA) and conducted a survey of 437 global cybersecurity professionals. This project resulted in a recently published research report

Topics: Cybersecurity ISSA

Systems Management at ESG

Hi, my name is Edwin Yuen and I’m a new analyst here at ESG. Now, if you have followed the virtualization and systems management space for a while, you might recognize my name. Before I joined ESG, I was Director of Product Marketing for the HPE Helion family of cloud products. Before HPE, I was Director of Cloud and Virtualization Strategy at Microsoft for many years and I was also one of the members of the original team that developed App-V Application Virtualization at Softricity. 

I have joined ESG as an analyst covering systems management, DevOps, and PaaS. These three areas represent where my experiences and expertise have been for the past 15 years. The first one, Systems Management, is an extremely diverse area, covering everything from traditional data center systems management to the new, cloud-born management tools. In fact, I cover the wide range of solution areas that systems management encompasses in my new Video Capsule.

Topics: Cloud Services & Orchestration

Are we evaluating the storage technology name or the benefit?

As a storage analyst, I am repeatedly asked to compare one storage technology solution to another. Several years ago, this wasn’t very difficult. In enterprise storage, there were really only a couple options: SAN or NAS. When comparing SAN storage, evaluations looked at performance, data resiliency features, and price. When comparing NAS solutions, technical comparisons likely emphasized price and capacity scaling, along with a myriad of different file system-specific features such as how granular the system could manage quotas or snapshots. Depending on how you look at it, those might be considered the good old days for a storage analyst. Comparing solutions was relatively easy.

Topics: Storage

Cybersecurity: A Priority for the Next POTUS

When the two major presidential candidates haven’t been focused on each other’s personal behavior or legal imbroglios, they’ve tended to discuss a few major issues such as health care, immigration reform, and battling terrorism. 

Topics: Cybersecurity

New Blog on Fiduciary Class Data Recovery

Check out this new blog post that I co-wrote with Mark Peters in which we lay out our ideas about a new data protection requirement: fiduciary class data recovery.

Topics: Data Protection

Better Business Protection – Fiduciary Class Data Recovery


Coauthored by Mark Peters and Jason Buffington

So, it’s safe to say that everyone “gets” backup – and pretty safe to say that most people “do” backup… to a greater or lesser extent and quality. But in the same way that regular stored data has no actual value (all that matters is when you actually reference and use the stored data, whereas simply having it recorded means nothing), even the world’s best backup is completely without value until it is needed; and at that point the crucial variable is recovery.

The two of us were chatting about this the other day and a casual chin-wag turned quickly from:

Topics: Storage Data Protection

OpenStack: The Philosophical Divide

The open source cloud software has spawned a variety of perspectives on the best way to implement it.

The OpenStack Summit last week in Barcelona culminated with a new release of the cloud software, dubbed Newton. Although it appears to be a unified solution that everyone rallies around, the truth is more complex. During a keynote, participants of an interoperability challenge demonstrated that they can all run a common LAMP stack app. Participants included AT&T, Canonical, Cisco, DreamHost, Deutsche Telekom, Fujitsu, HPE, Huawei, IBM, Intel, Linaro, Mirantis, OSIC, OVH, Rackspace, Red Hat, SUSE, and VMware. This looks like one happy family, right? Well, if you look closer, you'll find they have philosophical differences.

Read the rest on Network Computing.

Topics: Networking Cloud Services & Orchestration

OpenStack Summit: Nostalgia or Looking Forward

The OpenStack Summit in Barcelona had a mixture of nostalgia and a view into the future.

Some attendees felt wistful for the days when there were many startups creating OpenStack software, such as Cloudscaling, Nebula, or Piston Cloud Computing. Those days were like the Cambrian explosion, 541 million years ago, when many life forms appeared. There was plenty of enthusiasm, large, lively parties at OpenStack Summits, and a feeling that anything was possible. Instead, the firms listed earlier have been acquired or shuttered.

That is not to say that OpenStack life forms have started to decline. Instead, large, well-established systems firms such as Dell EMC, HPE, IBM, and Oracle have continued to provide OpenStack as part of their offerings, particularly as part of their hardware or SaaS offerings. GNU/Linux software firms such as Canonical, Red Hat, or SUSE have enhanced their OpenStack offerings based on their operating systems since it is a natural extension. VMware's Integrated OpenStack is in a similar position that extends its vSphere foundation to provide OpenStack.

Topics: Networking Cloud Services & Orchestration