Defining a Cybersecurity Platform

Amidst the backdrop of a stated intent to relieve cybersecurity point tool fatigue by consolidating vendors, there is a lot of discussion, and confusion, around cybersecurity platforms. We’ve seen this before in both cybersecurity and other IT domains as products become features and products get aggregated into suites delivered on a platform comprised of a set of shared services.

Topics: Cybersecurity

Takeaways from the CISO Summit at Black Hat 2018

In this video, my colleague Jon Oltsik and I share some of our thoughts from the recent CISO Summit at Black Hat 2018. While respecting the event’s Chatam House Rules that require us to keep CISO comments anonymous, we have a conversation about some of the takeaways from the panels and presentations at the event on central cybersecurity topics including:

Topics: Cybersecurity

What Are the Most Important Attributes of a Cybersecurity Platform?

We’ve seen an ongoing cybersecurity technology trend that goes something like this:

Topics: Cybersecurity SOAPA

AWS and VMware: Fundamentally Changing Hybrid Cloud at VMworld 2018 Day 1

As I've written before, I've been a long time attendee to VMworld (if you count EMEA events separately, this is my 15th VMworld). I have to say that the VMworld 2018 Day 1 Keynote potentially had the biggest impact on the industry I have ever seen from the show.

Topics: Systems Management Cloud Platforms & Services VMworld

Heading to the Clouds: Pure Storage Acquires StorReduce

This week, we have seen a couple big announcements from Pure Storage. First, Pure announced strong financial results for the fiscal quarter. Leading to its stock price increasing as much as 19% and reaching all times highs. The news doesn’t stop there, however. Pure Storage also announced the acquisition of StorReduce, a software company that delivers a cloud-first software-defined storage platform for managing large scale unstructured data. Pure Storage also gets access to StorReduce’s deduplication technology.

Topics: Storage

The Transition Toward Enterprise-class Cybersecurity Vendors

Recently, ESG completed its second annual enterprise-class cybersecurity vendor research. The story behind this project goes something like this: Enterprise organizations (i.e., those with 1,000 employees or more) have too many point tools and are now engaged in projects to integrate security technologies while eliminating some tools and vendors along the way.

Topics: Cybersecurity SOAPA

What Are Small Organizations Doing About Cybersecurity?

Last week, I published a blog on the state of cybersecurity at small organizations. As a review, two-thirds of firms with 50 to 499 employees have experienced at least one cybersecurity incident over the past few years, leading to lost productivity and business disruptions. Survey respondents claim that the biggest contributing factors to these cybersecurity incidents include human error, a lack of knowledge about cyber risk, and new IT initiatives lacking proper cybersecurity oversight.

Topics: Cybersecurity

VMworld 2018 Preview with an HCI Lens

With VMworld approaching next week, I thought I would share what I’m expecting to hear and what I’m looking forward to on the HCI front in Vegas.

I’m excited about the shift and spotlight HCI has garnered over the last year. It’s gained traction, it’s gotten more competitive, and it’s being recognized as much more than an x86 server with compute and storage. It’s about incorporating networking, ensuring workload mobility, properly managing distributed clusters, data lifecycle management, and embracing hybrid cloud. And while all of these aspects will be key areas of focus at the show as whole, let’s focus on HCI.

Topics: VMworld

Cybersecurity Experiences at Small Organizations

ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e., 50 to 499 employees) in North America. As you can imagine, these firms tend to have a small staff responsible for cybersecurity and IT, reporting to business management rather than CIOs or CISOs.

Topics: Cybersecurity

Extending the Value of Hadoop and Spark with a Cloud-based Managed Service

With the growth of data and the focus on becoming more data-driven, many organizations have turned to Apache Hadoop and Apache Spark as their big data and analytics framework to store and process their data. While the solutions are quite powerful, to effectively manage a constantly evolving infrastructure that must continue to meet the demands of a modern business, it can quickly become a logistical and administrative nightmare. With the understanding that organizations have plans to adopt cloud technology and one of the top use cases for existing IaaS and PaaS users is for data analytics, the idea of leveraging an Hadoop- and Spark-based managed service in the cloud is quite appealing.

Topics: Google Next Data Management

Takeaways from Black Hat USA 2018

I’m not sure how many people attended Black Hat in Las Vegas last week, but it surely felt like a record crowd. Optimistic attendees lauded the show for its threat research and focus on cybersecurity skills while skeptics bemoaned Black Hat changes, disparagingly referring to the show as ‘RSA in the desert.’

As for yours truly, my week was educational, albeit exhausting. I started early by participating in the CISO Summit on Tuesday where I hosted a panel on AI and machine learning in cybersecurity. My week ended with a Thursday dinner brainstorming session on cybersecurity operations. There were dozens of formal and informal meetings in between. 

Topics: Cybersecurity Black Hat

HYCU Introduces BaaS for Google Cloud

Right on the heels of GoogleNext '18 (see ESG’s event coverage here), HYCU announced a new solution focused on protecting data assets in Google Cloud  (see HYCU's announcement here).

Topics: Data Protection Google Next

Extreme Sets Its Sights on 2019 and Its Customers

Extreme networks just announced its Q4 2018 earnings and it showed that the company missed the revenue estimate and lowered guidance for Q1 2019. The market reacted quickly by knocking the stock down.

Topics: Networking

Google's New Cloud Strategy Highlighted at Google Next '18 (Video)

The latest moves in Google's cloud strategy were on full display during Google Next '18. What I saw was a company that is maturing in its focus on cloud for businesses, with a focus on Enterprise support and new efforts in hybrid cloud. Below is a video review of Google Next '18 with myself and other ESG analysts. For a more detailed analysis of the show, please read my research brief on Google Next '18 on the ESG Interactive Research Portal (subscription required).

Topics: Google Next Cloud Platforms & Services

The Future of VMware: VMworld 2018 Preview

As I often joke, as most families are getting their kids ready to go back to school, with new school clothes and school supplies, IT professionals prepare for VMworld. I've been going to VMworld almost every year, sometimes twice a year if we include the EMEA show, for over a decade. I think this year in particular, much more so than in years past, is when the future of VMware will be previewed. I think there will be some exciting announcements around the shift away from just virtualization, with NSX, VMware's role with cloud native and containers, and also VMware Cloud on AWS. Watch the video below and, during the show, tweet to me @edwinyuen if you have questions, and if you are at the show, reach out to me to meet face to face. When the keynotes are over, look for a summary blog from me with my analysis of the key announcements.

Topics: VMworld Cloud Platforms & Services

Cisco Buys Duo Security to Address a ‘New’ Security Perimeter

Last week, Cisco jumped head first into the identity and access management (IAM) market with its acquisition of Duo Security for over $2.3 billion. Now, I’ve been chatting with Cisco about identity management for many years. Cisco always understood the importance of identity management in the security stack but remained reluctant to jump into this area. 

Topics: Cybersecurity

Talking Channel (ESG 360 Video Series)

"The channel" remains a crucial connection between the vendor and user communities, but like everything else in IT, it has evolved. In this discussion, part of ESG's 360 Video Series, Kevin Rhone considers some of the key changes for channel partners in recent years. These organizations have a tremendous influence over much of what is sold to, and used by, IT organizations. With a direct, vendor-owned sales force being such an expensive option, it is typically reserved for only the largest customers and/or the big-ticket items. Everything else normally flows through the channel ecosystem, which has gradually shifted from being essentially a product fulfillment operation to provide far more of an advisory status. Kevin delves into why this change is underway, and addresses whom it is good for.     

Topics: Channel

Connectivity and Experience

At the start of the year I wrote about the network becoming more relevant in 2018. As the year has progressed, I am even more convinced that this is true. In fact, as organizations transform themselves to become more agile and responsive to their customers, IT teams are reimagining their roles. Are they really about information technology or rather about ensuring that every employee, customer, partner or machine can connect to an application, service, or each other, regardless of location or technology.

As organizations continue to adopt cloud computing in its various forms – IaaS, SaaS, or PaaS - the network will be critical to ensure success. Equally relevant is the fact that the “pendulum” is now swinging towards decentralization – meaning compute and applications are being deployed at the edge or in the cloud. Branch offices are connecting directly to the cloud and not routing through centralized data centers. All of which is putting increased pressure on the network to ensure availability, performance, and security.

Topics: Networking

Anticipating Black Hat USA 2018

I’m about to leave New England and brave temperatures of 110 degrees or above. It may sound crazy, but I’m actually looking forward to the trip next week. Why? I’m heading to Black Hat USA in Las Vegas, and I’m excited to learn more about:

  1. Artificial intelligence in cybersecurity. I am hosting a panel at the CISO Summit titled, The Real Impact of AI on Cybersecurity. As part of this panel discussion, we will cut through the industry hype around AI/ML and talk about how real enterprise organizations are using and benefiting from the technology. It should be a fruitful and enlightening discussion.
Topics: Cybersecurity Black Hat Identity and Access Management

Google NEXT - Democratizing Analytics and Artificial Intelligence

Going into Google NEXT, I expected announcements across the entire cloud business. Between their recent (positive) financials, customer traction and (more importantly) growth, and a rapidly expanding list of offerings and managed services, I expected announcements to focus on what I view as their areas of differentiation: foundational built-in security by design, commitment to open-source technologies in their own and across clouds, core AI and ML solutions and services that are embedded/ integrated across GCP services, and easy-to-use cloud-native collaboration products in GSuite. While I’ll let my colleagues share their thoughts on security, mobility/devices, and dev/ops, I’ll be focusing my recap on analytics, artificial intelligence, and machine learning.

Topics: Google Next Artificial Intelligence Data Management Internet of Things