Blogs

I had the opportunity to connect with Sam Werner recently in San Francisco at IBM’s THINK 2019 event for a new data protection conversation. Check out the video to learn more about IBM’s data protection directions.

As adversaries continue to be more aggressive and more targeted in their attack techniques, security teams are continuously challenged to implement more comprehensive endpoint protection strategies to keep up. Next-generation security vendors like Carbon Black, CrowdStrike, and Cylance have set the agenda, delivering integrated prevention, detection, and response platforms leveraging the cloud and a single agent. Established endpoint players like Symantec, Trend Micro, and Sophos have quickly responded, delivering integrated solutions leveraging both cloud and a common agent. ESG research shows that 77% of companies surveyed plan to move to an integrated security suite with a preference towards a single vendor, with an even split between companies who are looking to next-gen providers and those looking to the large, established security players.

In its most recent announcement, Cohesity introduced new capabilities that will help its customers go beyond just backup or data consolidation, crossing what I call the "Data Management" chasm.

The fundamental issue with data is that there's just too much of it, making it expensive to store, manage and truly leverage. At the same time, from a business perspective, data (within compliance reason) should be your friend, not your enemy.

I’ve attended the RSA Conference for the past 15 years, and things have changed quite a bit. The event has gone from a few thousand to around 50,000 attendees, leading to a confluence of humanity and traffic around the Moscone Center. Hotel room prices exceed $500 per night, even at some of the “boutique” (i.e., flea bag) hotels in and around Union Square. The RSA event has become the nexus where cybersecurity meets high-end capitalism.

This week NetApp founder Dave Hitz retired. Before I make my point, a little history:

In 1993 I started an east coast company, Invincible Technologies Corp. (ITC), which turned out to be quite vincible after all. My compatriots and I were building NFS servers called Lifelines. They were serious machines, sold by serious people in suits and ties, with serious marketing. At the same time, some hippies out west started a company called Network Appliance (eventually NetApp). Dave Hitz and his partner James Lau built an NFS server, which they called the Toaster. I don’t think they had a sales person.

Fast forward to 1999 and the business-savvy, suit wearing, serious company ITC was kaput while the hippie Linux-lovers of Silicon Valley were a public homerun. Turns out that eventually, the person with a product that actually works has a much better chance of success than a bunch of good sales people with a good-looking box that doesn’t. Dave Hitz was a billionaire, and I was a shamble.

In this video blog, ESG’s new principal analyst, Christina Richmond, and I preview what we expect to see at RSA Conference 2019. The scope and scale of RSA Conference continues to grow with adjunct events held by industry organizations such as the Cloud Security Alliance, vendors, and ESG with our own breakfast event. A few of the topics we expect to be front and center at this year’s RSA Conference include:

IBM’s Think 2019 event was made to do just that – make you think. Unlike many vendors, whose events can be like giant market stalls, Think was more more like a visit to your old college; and that's  not a pejorative, it’s a compliment.

Sure, it could get a tad calculated or even over-earnest at times, but overall it was a refreshing take – stopping and thinking...though in San Francisco last week it was advisable to undertake your contemplations inside the Moscone Center, as it poured with rain on the main mid-week days! Weather aside, the move from Vegas to San Francisco was a good one.

When I first entered the cybersecurity market in 2003, I’d already been working in the IT industry for about 16 years in storage, networking, and telecommunications previously. By the early 2000s, all three sectors had moved on from bits and bytes to focusing on how each technology could help organizations meet their business goals. Oh sure, we still talked speeds-and-feeds, but we led with things like business agility, productivity, and cost cutting. The technology was a means to an end rather than an end in itself.

When I got to the cybersecurity industry, I was surprised by what I saw. Unlike other areas of IT, cybersecurity was still deep in the weeds, focused on things like IP packets, application protocols, and malicious code. In other words, cybersecurity remained a “bottom-up” discipline as the cybersecurity team viewed the world from networks and devices “up the stack” to applications and the business.

I just got back from attending IBM Think in San Francisco. Though it was a quick trip across the country, I was inundated with IBM’s vision, covering topics from A (i.e., artificial intelligence) to Z (i.e., System Z) and everything in between. 

Despite the wide-ranging discussion, IBM’s main focus was on three areas: 1) Hybrid cloud, 2) Advanced analytics, and 3) Security. For example, IBM’s hybrid cloud discussion centered on digital transformation and leaned heavily on its Red Hat acquisition, while advanced analytics included artificial intelligence, cognitive computing (Watson), neural networks, etc. To demonstrate its capabilities in these areas, IBM paraded out customers like Geico, Hyundai Credit Corporation, and Santander Bank, who are betting on IBM for game-changing digital transformation projects.

Today, Lenovo announced Lenovo TruScale, a new IT subscription service with a wealth of benefits for businesses seeking to offload the complexity of IT, thereby freeing resources to focus on higher-value activities. In other words, Lenovo takes care of the day-to-day minutia, and IT can free up the resources to focus on maximizing the value of their data and competing in the newly proclaimed digital economy.

Cloud data protection player Carbonite just agreed to acquire cloud endpoint security player Webroot for $618M in cash.

My first immediate concern is that I’ve seen this before. Symantec bought Veritas – same logic: marry endpoint security with data protection – because that makes sense – except it didn’t work. It failed spectacularly.

Having said that, times are different, so I won’t immediately write it off. But I do have big concerns.

A few years ago, cybersecurity professionals often lamented that executives didn’t want good security, they wanted “good enough” security. This axiom reflected that many CEOs equated cybersecurity with regulatory compliance. If the CISO could check all the right PCI, HIPAA, or SOX boxes, cybersecurity concerns were taken care of.

The “good enough” security attitude was an aversion for the cybersecurity crowd. CISOs who wanted to adequately protect corporate assets longed for a time when business executives would truly appreciate cyber risk and would be willing to participate and fund cyber risk management efforts adequately.

Cybersecurity services are at an inflection point, where they are no longer "nice to have" but "must have" for security teams. Migration to digital and cloud-driven architectures, continued lack of resources, and rapid growth of breaches escalate the need for an objective service partner. Admittedly, I’m a services wonk, and see all markets through the lens of services, but it’s obvious that complexity and overwhelm abound as a myriad of new security solutions confuse the market annually at conferences. (Speculation about this year’s RSA “theme” is rife on LinkedIn.) Security teams are challenged to manage security effectively, and to negotiate business against risk. The evolution of this market necessitates services that drive assessment and rationalization of existing security programs rather than adoption of new technologies. It also demands preparedness.