ESG Blogs

This week was Splunk’s annual user conference (.conf), which took place in Washington DC this year. Now Splunk.conf is different than lots of other user conferences, although it does remind me of some of the events I attended at the start of my career (dare I say DECWorld?). 

Many Splunk users are absolutely gaga over the product and the company. Splunk customers exchange use cases, give presentations, participate in panel discussions, and talk about the way they use Splunk today and their plans for the future. Heck, they will even open up about what features they’d like to see Splunk adopt in the future.

Last week, Hitachi held its NEXT conference in Vegas. The saying goes that “what happens in Vegas, stays in Vegas,” but I don’t think Hitachi wants that to be the case here! This is because it turns out that three previously merely linked organizations under the Hitachi umbrella formally got together as one (maybe they nipped off to one of those Vegas wedding chapels!?)—HDS, Hitachi Insights Group, and Pentaho are now a single organization: Vantara.

 In line with the convenient Latin root of its name, Veritas demonstrated that it was holding true to its established vision, at its equally-conveniently-named Vision conference last week.

What “truths” were there? On the entertaining side of things we learnt from Lynn Lucas (CMO) that humans have way more than five senses, that Mike Palmer (CPO) remains a wonderful stage storyteller (in this instance with a Dystopian IT future pastiche), and that guest-speaker Richard Branson – following on from the awful recent hurricanes – has not prioritized buying new socks!

Last week Mark Peters and I attended Hitachi's first ever user conference, Next. While the conference had the usual product and solution announcements one would expect at such an event, the biggest news was the reorganization of multiple independent divisions and companies within the Hitachi umbrella to create the new Hitachi Vantara.

Hitachi Vantara brings together HDS, Hitachi Insights Group, and Pentaho into a single organization. The new structure gives the Vantara team an opportunity to focus on a different competitive landscape than they faced separately – and in a much stronger position. Longer term, HDS will no longer be duking it out with Dell EMC, NetApp, IBM, and HPE for the (shrinking) data center infrastructure dollar. Pentaho won’t be evaluated head-to-head with Qlik. And Lumada won’t just be evaluated against GE Predix. They will be able to knit together the infrastructure, analytics, and insights into an end-to-end solution that reaches from the edge (even to sensors, leveraging the broader Hitachi organization) to the data center. 

For enterprise IT shops that may have been dismissive of Microsoft as they plan and implement their mobility strategies, Ignite proved that it is time to pay attention. Let’s face it, Microsoft has had to play catch up, but this is the first time I have seen validation of enterprise customer success, business success, and technology innovation. Here are a few highlights I’m seeing here at the event.

I've just come back from Veritas Vision 2017 and my colleague Mark Peters and I shot an ESG On Location video report from the show. Now, traditionally, Veritas has been known only for their backup and data protection solutions like Backup Exec and NetBackup. The changes for Veritas have been coming since their spinoff from Symantec last year.

This year, we saw a continued rebirth of Veritas, with a strong positioning of itself beyond simply being a data custodian and manager to being a data insights provider. Veritas is strongly embracing a multi-cloud, hyperscale product portfolio, with new products centered around data access and data management. This is an extremely smart move on Veritas' part, leveraging the strong access they have to data, across on- and off-premises, to transform themselves into providers of that data access. 

There’s an old saying that change is the enemy of security. To avoid disruptive changes, many cybersecurity professionals strive for tight control of their environment and this control extends to the management of security technologies. Experienced cybersecurity professionals often opt to install management servers and software on their networks so that management and staff “owns” their technologies and can control everything they can.

Now this type of control has long been thought of as a security best practice so many CISOs continue to eschew an alternative model: a cloud-based security management control plane. 

Recently Steve Duplessie posted a video blog; he was inspired by sights during a trip to Italy to ponder the fact that much in IT doesn’t go away. That in turn (perhaps motivated by my lack of an Italian visit!?) made me think about the things in IT that we actually do want to get rid of, or at least reduce…and how those very things are the main reasons why some infrastructural approaches stay with us for the long term! Here’s my video commentary:

Security teams collect a heck of a lot of data today. ESG research indicates that 38% of organizations collect, process, and analyze more than 10 terabytes of data as part of security operations each month. What types of data? The research indicates that the biggest data sources include firewall logs, log data from other types of security devices, log data from networking devices, data generated by AV tools, user activity logs, application logs, etc.

As a storage guy, this is going to be little difficult for me to say, or write, but the enterprise storage technology is only one part of the data management ecosystem. It is not the be-all and end-all of data management.

This realization may be tough for some storage vendors to admit, while I assume the majority of CIOs just intuitively understand it. For a business, what matters is the data, not the storage. In this ever-increasing digitally enabled world of business, data management is not a necessary evil, it is a business enabler, and can in the right circumstances become a differentiator for your company and drive revenue growth.

My colleague Doug Cahill and I have been following the development of cloud security for the past few years. What we’ve noticed is that many organizations tend to track through a pattern of actions as their organization embraces public cloud computing. The sequence goes through the following order:

1. The pushback phase. During this period, CISOs resist cloud computing, claiming that workloads won’t be adequately protected in the public cloud. This behavior may still occur for late-comers or very conservative firms but the cloud computing ship has definitely sailed at most large enterprises. In other words, CISOs aren’t given an out clause--rather, they must figure out how to secure cloud-based workloads whether they like it or not.

As the Aerosmith song goes (and to be fair, Gene Autry as well), I am back in the saddle again, the analyst saddle, that is. After a three-year adventure with a PE-backed company selling test solutions and service assurance software to enterprise and global telecommunication providers, I have returned to ESG. I would like to say that now I am older, wiser, and a lot smarter--however, what I can say for sure is that I am older, heavier, and balder! Other than becoming a cliché (old, fat, bald guy), I did have a lot of great experiences over the last few years and got to work with some great co-workers and customers. In my previous jobs, I have worked for privately owned companies based in the US and Japan, as well as VC-backed startups through their ups and downs, and I wanted to gain some experience at a PE-backed company to add to my list.  

Keeping up with the pace of change that Microsoft is delivering to the market is not a simple task for average IT professional. Since unfortunately not every IT & business professional can track every new innovation coming out of the Redmond, WA campus, events like Ignite help to accelerate the learning curve and offer an opportunity for many IT pros to advance their training and certification.

Apple tends to lean heavily in towards the everyday consumer and not speak to the potential value to businesses. It feels a bit like they have so much trust in their fanbase that Apple automatically assumes that their technology will get pulled into businesses without having to address the business market. Some may call this approach arrogant and others would call this brilliant, but the fact remains that we have witnessed from day one of the Apple iPhone that appealing to consumers and application developers has created an automatic shoo-in into the business. ESG research consistently shows that end-users are creating a significant push for business to support Apple devices (personal and corporate owned).

ESG recently surveyed 412 cybersecurity and IT professionals asking a number of questions about their organization’s security analytics and operations. Overall, security operations are quite difficult, many organizations complain about too many manual processes, too many disconnected point tools, and a real shortage of the right skills. These issues can lead to lengthy incident detection and response cycles or worse yet, damaging data breaches. Just ask Equifax.

Old friend Mike Banic recently stopped by ESG to kibitz about ESG’s SOAPA concept. Mike brings a world of experience to this topic. As VP of marketing at Vectra Networks, Mike sees enterprise challenges around security operations, and then works with customers to address their issues. 

In part two of our video series, Mike and I focus our discussion in a few areas including:

• Machine learning. In a recent ESG research survey, only 30% of cybersecurity professionals claim they are “very knowledgeable” about the role of machine learning and AI for cybersecurity operations. Given this, I asked Mike to act as an industry spokesperson to define machine learning and explain where it fits in cybersecurity operations. Mike says that machine learning is used to find features and patterns in the data so you can train the model to look for malicious behavior like a remote trojan suddenly beaconing out to an external IP address. 

As I said in my pre-VMworld blog - I have a love/hate relationship with the conference. It didn't disappoint - it was a wild and crazy few days and a veritable who's who of the tech industry. There were plenty of announcements from VMware (most notably its efforts with AWS and Google, as well as vSAN momentum), partners like Pivot3 (new partner programs and NVMe-based solutions), Dell EMC (new VxRack and Rail solutions), Lenovo (ThinkAgile VX Series and cloud reference architecture) - I think I could go on with this list for a very long time!

Much attention has been placed on modern applications and containers, and perhaps to excess. People wrote and worried about the choice of container orchestration systems—whether it’s Kubernetes, Marathon, or Swarm.

Also silly are comparisons of containers as a replacement for virtual machines, or whether serverless systems, such as AWS Lambda, are the new replacement for containers. Much of that was due to misconceptions, a desire to see a horse race where none exists, or a side effect of in-fighting in the open source community, with sponsoring organizations or vendors in the sidelines.

If you missed VMworld this year, let me attempt to summarize the key themes; Cloud, Cloud, and more Cloud. Officially, VMworld delivered a message of “any app, on any cloud, to any device,” and included themes of mobility and data security. After the moment in the keynote when VMware’s Pat Gelsinger hugged Andy Jassy of Amazon Web Services, however, the only thing that the on-premises infrastructure providers in the audience heard was the word, cloud.

The newly announced capability, VMware Cloud on AWS, is an on-demand service that enables applications to run across vSphere-based cloud environments with access to AWS infrastructure along with some of its services. At a higher level though, the announcement delivers the perfect statement that the hybrid cloud is here and it is here to stay. These two companies that just a short time ago were seen as competitors have now joined forces. The bulk of the questions that will emerge from this announcement, however, will not have to be answered by the public cloud, though. It will be the on-premises infrastructure providers that will have to respond.

ESG recently published a new research report titled, Cybersecurity Analytics and Operations in Transition. The report is based upon a survey of 412 cybersecurity and IT professionals directly involved in their organization’s security operations processes.

As part of the survey, respondents were presented with several statements and asked whether they agreed or disagreed with each. Here are a few of those statements with my analysis.

• 73% of survey respondents strongly agreed or agreed with the statement: Business management is pressuring the cybersecurity team to improve security analytics and operations. If you want proof that cybersecurity is a boardroom-level issue today, here it is. The good news is that the survey also indicates 81% of organizations plan to increase their security operations budget so business executives are willing to throw money at the problem. The bad news is that the cybersecurity team is now on the hook to deliver measurable improvements and ROI. 

VMworld is still “the place to be” for discussing data center modernization—and that means that there were several data protection vendors in attendance, each with something to say.

Full coverage of VMworld 2017 is available at our dedicated ESG On Location page. Please also view the wrap up video from the ESG team.

I have been attending VMworld for 13+ years and always enjoy the event as well as meeting with old friends while making new ones. This year VMware did a commendable job positioning its customers front and center. In fact, during the keynotes and breakout sessions, VMware employees stepped to the sidelines and let the customers tell their stories and echo the VMware value propositions. A true sign of how the market has matured.

Some industry shows—perhaps the majority—can come and go with only a section of the IT world knowing (sometimes a bigger or smaller section depending on the nature of the show, but nonetheless only a section). However, such is the breadth of what VMworld encompasses and touches that I can't imagine there are (m)any people involved in IT to any extent who don't know VMworld took place this week.