ESG Blogs

Early this morning, I received news that Splunk had announced its intention to acquire Phantom for $350m. Just as IBM purchased Resilient Systems a few years ago, Splunk decided to add a dedicated security operations automation and orchestration tool set to its SIEM platform.

Each year, ESG surveys around 700 cybersecurity and IT professionals as part of its annual IT spending intentions research. In this year’s survey, ESG asked respondents several questions about GDPR readiness. Here’s what we found out:

1. While 11% of organizations are completely prepared for GDPR (i.e., would be ready if it went into effect tomorrow), 33% say they are mostly prepared (i.e., most work done but some tasks left to accomplish), and 44% claim they are somewhat prepared (i.e., organization has identified all the steps to meet the GDPR deadline but are early in the process of completing all tasks).

ESG conducted research on the spending intentions of 651 IT decision makers to determine how 2018 may differ from previous years.

We found out that the majority of organizations were largely going to keep their infrastructure spend flat or even reduce the amount they spend on infrastructure. For many organizations this can be attributed to two initiatives – Hyperconverged and Cloud.

I’ve just begun a research project on CISO priorities in 2018. What I’m finding so far is that CISOs are increasing their focus in several areas including the following:

1. Business risk. Yes, CISOs have always been employed to protect critical business assets but in the past, this was really executed with a bottom-up perspective – from IT and security infrastructure up to business processes. Fast forward to 2018 and CISOs are moving to a top down view from business processes down to the technology. This broadens their view of risk and mandates that security controls work collectively to protect ALL the technologies used to accomplish business processes. This is a profound change that challenges even the best CISOs and security organizations.

Endpoint security is one of the most dynamic areas of cybersecurity and one that is in a state of constant change. To combat both the relatively pedestrian and more sophisticated range of attacks, most organizations, according to research conducted by the Enterprise Strategy Group, are implementing multiple compensating measures. The actions taken to improve endpoint security are across the dimensions of processes, skills, and technologies. In fact, ESG’s research reveals that 69% of organizations regularly reevaluate the effectiveness of their endpoint security strategies. Why all the attention on endpoint security? The epidemic levels of ransomware experienced in 2016 through 2017 and that are sure to extend into this year served as a catalyst for many IT and cybersecurity professionals to rethink how they secure their endpoints.

With the rise in security threats, like cyberattacks and malware, enterprise IT needs to have comprehensive systems management. The needs for a systems management solution are these three key attributes:

As part of ESG’s 2018 IT spending intentions research, IT decision makers were asked about their spending plans for enterprise mobility technology over the next 12 months. In this video, you'll learn about where enterprises are focusing their mobility spending, spending priorities, and changes in spending.

The movement toward next-generation endpoint security has accelerated over the last few years for a simple reason – cybersecurity professionals aren’t happy with the efficacy of existing antivirus tools. This market demand has led to a wave of investment and innovation from vendors like Carbon Black, CrowdStrike, Cylance, Morphisec, SentinelOne, and many others.

The one constant in IT is change. This aphorism applies not only to the technology, but to people, processes, and organizations. Like the rest of IT, ESG’s validation services have been undergoing change.

In my last few blogs, I wrote about benchmarking tools and performance analysis because, for a long time, these were significant parts of our validation process.

Recently, I was able to get some time in front of a camera to discuss my predictions for enterprise storage in 2018. The video is below, but let me provide a brief spoiler with two of the top highlights.

• Flash continues its dominance with the rise of NVMe: I will talk more about NVMe as the year goes on, but in a nutshell NVMe unlocks the true potential of flash, and that potential is far more than just high performance.

With 2018 in full motion, I wanted to add my 2018 predictions for my new coverage area, Data Protection. I've posted a video with my predictions below but here are the key points that I talk about in the video.

• There continues to be a movement of Data Protection features into other IT operations areas. We are seeing Data Protection included as part of many Systems Management solutions, showing how backing up, protecting, and restoring data should be part of a larger systems management experience. We are also seeing the shift from Data Protection to Data Management, as vendors recognize the value in understanding and helping manage the data they are protection.

According to ESG research, 51% of organizations report having a problematic shortage of cybersecurity skills in 2018. This is up from 45% in 2017. 

I was waiting on releasing my 2018 predictions for converged and hyperconverged infrastrucuture because I wanted to leverage a key data point from our recent spending intentions research. From an IT infrastructure standpoint, this year’s data had some particularly compelling data points regarding areas of opportunity where senior IT decision makers feel they can significantly streamline costs. More than half of organizations (54%) feel their on-premises storage and/or networking infrastructure is where their costs can be streamlined. My colleague Mark Peters recently wrote a great brief on the subject, but here is my quick take...

Ransomware incidents reached epidemic levels in 2016 with high profile attacks on health care organizations highlighting the operational impacts of cyber extortion by impeding the ability of some targeted organizations to deliver patient care. Cybercriminals continued to employ tried and true attack vectors and methods, principally phishing, to execute a transactional ransomware business model across multiple industries. 

ESG conducted research on the drivers, levels of adoption, perceptions and procurement sources for SD-WAN by surveying 300 IT professionals responsible for evaluating, purchasing, and managing networking technologies

We found out that 3 in 4 organizations are either using or plan to use SD-WAN. So what are the drivers? It's not one thing, but a combination of reasons such as security improvements, increased bandwidth and simplified management.

I was recently reminded of something a CISO said to me a few years ago. This security executive mentioned that his organization was struggling to maintain tight security controls in an era of cloud computing and mobility. As a result, his organization had increased its focus in two areas: Identity management and data security. He stated, “with the rise of cloud and mobility, identity and data security are the new security perimeters.” 

I mentioned this conversation to my colleague Mark Bowker who covers identity management at ESG. Mark responded that the CISO's conclusions are clearly characterized in some recent ESG research data. For example, 61% of respondents believe IAM is more difficult today than it was 2 years ago. Why are things more difficult? Survey respondents pointed to cloud computing and mobility as two primary drivers but also mentioned increasing cyber-threats, and the lack of a comprehensive IAM strategy.