What's Up with Microsoft and Dell at Dell Technologies World 2019?

Microsoft is ultimately in a race to grow its Azure footprint and remain in pole position on the desktop while it is clearly being battered in both markets. Microsoft needs Dell as a partner. Dell can lean in with its experience to help raise customer confidence. These three areas demonstrate where Microsoft is better with Dell:

Topics: Dell Technologies World

Five Threat Detection and Response Technologies Are Coming Together

Threat detection and response is hard and getting harder. According to ESG research, 76% of cybersecurity professionals claim that threat detection and response is more difficult today than it was two years ago, so this situation may only get worse in the future.

Why are threat detection and response processes and actions so challenging? One of the primary reasons is that many organizations approach threat detection and response through a maze of disconnected point tools. In fact, ESG research indicates that 66% of organizations agree that threat detection/response effectiveness is limited because it is based upon multiple independent point tools.

Topics: Cybersecurity

Cybersecurity Services Discussions

In the digital era, the enterprise has a new range of cybersecurity services to consider from cloud-hosted to SaaS-based SOC services, migration to DevSecOps in software development lifecycle (SDLC), and automated detection and response in managed detection and response (MDR) services. In a series of videos with industry leaders, I drill into these emerging areas of security services as well as the old tried and true segments that continue to burgeon like managed security services (MSS) and advisory services for strategy planning and policy development.

Topics: Cybersecurity cybersecurity services discussions

Cybersecurity Services Discussions: Automated Security Video with Secureworks (Part 1)

I recently caught up with Jon Ramsey, CTO of Secureworks, to chat about automated security. I asked Jon what he believes automated security is.

We’ll never outpace and outmaneuver the adversary with security the way it is today, according to Jon. The bad actors are using machine learning and automation to launch and perpetuate attacks. We simply do not have the human capital to combat the leverage that machines have. Throwing software capabilities into detection and response can help the good guys keep up.

Topics: Cybersecurity cybersecurity services discussions

Two Questions That Should Shape Dell Technologies World

With Dell Technologies World coming next week, now is the time to focus on what questions we want Dell to answer. And, what questions should they answer? Yes, we want to see new technology. We expect it at this point. And while I do have some technology questions for Dell Technologies, we also need to focus on the bigger picture, or the Bigger Truth as we say at ESG.

Topics: Storage

Pre Dell Technologies World Thoughts

It’s always fascinating to see how the truly big vendor events play out – and of course when it comes to Dell, “big” applies to both the vendor and the event. As such, DTW can be either or both a reflection and/or driver of the IT world.

Clearly, we won’t be talking about any of the actual news ahead of time, and just as clearly the tenor of the event cannot be determined today, but we can speculate, wonder and point out things we’d like to find out. That’s just what I asked my colleagues Scott Sinclair and Mike Leone to do – and you can see what they had to say in this short video. By way of a spoiler (although, perhaps, not really!?), they were not much focused on individual product introductions, important as those are within their own IT sub-ecosystems.

Topics: Storage

The Case for Managed Detection and Response (MDR)

According to ESG research, 82% of cybersecurity professionals agree that improving threat detection and response (i.e., mean-time to detect (MTTD), mean-time to respond (MTTR), etc.) is a high priority at their organizations. Furthermore, 77% of cybersecurity professionals surveyed say that business managers are pressuring the cybersecurity team to improve threat detection and response.

Topics: Cybersecurity

Security Risk as a Business Discussion

There is a lot of buzz in the market this year about risk management and how hard it is given current architectural complexity and the increased sophistication of attackers. Add to this the continued dearth of talent in cybersecurity.

Enter cybersecurity service providers to assist the organization with a broad range of services: risk assessments replete with gap heatmaps and remediation suggestions; strategic program design including security best practices; and a nascent but trending offering to educate the board, executive management team, and CISOs on how to have the risk conversation within a business context. Experienced CISOs are having this conversation among themselves and in fact, one savvy security leader is calling for Risk as a Lingua Franca. Worthy service providers are helping to create this lingua franca and to educate their clients through enterprise risk management offerings, continuous vulnerability monitoring, and penetration testing.

Topics: Cybersecurity

NETSCOUT Engage19 Explores “Visibility Without Borders”

NetScout recently held its Customer Event: Engage19 in Nashville TN. Situated in the Opryland hotel (now called the Gaylord Opryland), there were approximately 800 attendees from over 350 companies coming to hear about the latest from NETSCOUT, meet with key executives, and learn from technical experts.

Topics: Networking

SOCaaS versus Managed SOC (with video)

We live in a sea of acronyms: SOC, MSS, MDR, IDS, IDP, SOCaaS, SECaaS… Three of these in particular are causing consternation in the market: SOCaaS, MSS, and MDR. Let’s see if we can shed some light on them.

Topics: Cybersecurity

HYCU Doubles Down on Google Cloud Platform (GCP)

The HYCU team has been busy in the past few quarters. A number of updates to its Google Cloud Platform (GCP) backup solution have taken place following the introduction of the innovative BaaS offering, with billing integration and advanced backup controls for example. HYCU has also expanded its reseller network and is actively targeting the enterprise space. 

Topics: Data Protection Google Next

SOAPA Video with Devo (Part 2)

In part 2 of my SOAPA video with old friend Dimitri Vlachos from Devo, we discuss:

  1. Devo use cases. Dimitri describes some of the most popular security use cases for Devo, including threat detection, security analytics/investigations, and threat hunting. I’ve got to hand it to Dimitri as he came up with one of the best SOAPA video soundbites ever, “You can’t use old tools to cover new security analytics needs.”
Topics: Cybersecurity SOAPA

An On Ramp to Digital Transformation: How Google Next '19 Changes the Game

With the dust just settling from Google Next ’19, let me just say, there is a lot to unpack. If you had a chance to read my preview blog last week, you will have seen that I had two questions going into Google Next, and wow, did they ever answer them.

Before the event I wanted to know if Google was helping its customers transform digitally, and not simply giving them a solution once the transformation was complete. Well, enter Google Anthos.

Topics: Storage Google Next

Coming to a Solution Near You – Intel’s Next Generation Technologies

Last week Intel hosted a group of press and analysts to learn about its Data Centric Innovation launch. Driven by the proliferation of cloud computing, growth in AI and analytics, and the cloudification of the network and the edge, Intel released a number of new technologies to help organizations process, store, and move all the data that is being created.  

Topics: Networking

Data Protection Conversation with Dell EMC

In this new edition of Data Protection Conversations, I speak with Beth Phalen, President of Dell EMC's data protection division.

Topics: Data Protection data protection conversations

Endpoint Security Is Consolidating, but What Does That Mean?

In 2017, my colleague Doug Cahill conducted research on endpoint security. Back then, the research indicated that 87% of organizations were considering a comprehensive endpoint security suite rather than several disconnected endpoint security point tools.

Topics: Cybersecurity

Experience HPE Aruba "Customer First, Customer Last" at Atmosphere 2019

I spent a few days on the sunny Las Vegas strip with the team from Aruba last week at its annual customer event - Atmosphere 19. This year’s attendance recorded almost two thousand attendees and eight hundred partners. Aruba continues to grow and provided some stats to support that, citing over 1Billion switch ports, 15M access ports, 500,000 customers, 90,000 or so Airheads, and over 4000 patents. HPE Aruba is now at three billion in revenues and looking towards future growth that would get them to five billion.

Topics: Networking

Is Google NEXT Enterprise-ready?

As the ESG team gears up to attend Google NEXT, these are some of the hot spots we will be focused on:

  • The first and most obvious will be to see what stakes Thomas Kurian is driving into the ground to help drive Google Cloud execution in the market and candidly to see how they intend to close the gap with AWS and Microsoft Azure.
  • Google NEXT has historically scored an A on technology and a C on a clearly defined message and execution strategy into the enterprise. My observation is that attendees participate in Google NEXT because they see great things with the technology but have historically walked away without a clear path to simple things that are highly relevant to enterprise IT--e.g., virtual machine migration, basic cloud readiness assessment, and relevance of legacy IT that is anchored to on-prem infrastructure and process.
Topics: Enterprise Mobility Google Next Cloud Services & Orchestration

Looking Ahead to Google Next 2019

With Google Next 2019 coming up, there are a few items I’m looking forward to hearing about.

First and foremost, I’m excited to hear from the new GCP CEO Thomas Kurian and what his vision and plans are for the organization over the next 12-18 months. I think many in the industry understand some of the steps Google needs to make to become the cloud powerhouse it desires to be, with arguably the largest being a greater focus on hybrid cloud enablement. I think we caught a glimpse of that with the Alooma acquisition. I’m hoping to hear more about the plans for Alooma, where/how it will be integrated and some roadmap details on deeper integrations across GCP services.

Topics: Data Platforms, Analytics, & AI Google Next

The Case for Continuous Automated Security Validation (CASV)

Chinese military strategist Sun Tzu is quoted as saying, “if you know the enemy and you know yourself, you need not fear the results of a hundred battles.” In cybersecurity terms, this means knowing the cyber-adversaries and associated tactics, techniques, and procedures (TTPs) they use to attack your organization. Additionally, Sun Tzu’s quote extends to an organizational reflection where you must know everything about your technical, human, and even physical vulnerabilities in order to apply the best protection for critical assets.

Topics: Cybersecurity

Ready for Google Cloud Next? Two Questions before the Event

Next week is Google Cloud Next. Are you ready? Before we get inundated with all the cloud news over the next few days, I thought I would take a moment and share the two questions that are framing my expectations for the event next week in San Francisco.

  • What steps is Google taking to lead the IT and Business transformation? The cloud and innovative data services offered by Google are changing what is possible for businesses to achieve with their data. What is on the plate for 2019? And what should businesses be doing to position themselves to maximize what Google has to offer? How is Google helping them?
Topics: Storage Google Next

Unitrends' Super-Charged Appliance

I spend a lot of time in the enterprise space but there's quite a bit going on in the SMB and the mid-market too, which are the hunting grounds of Unitrends.  I recently talked to Joe Noonan about Unitrends' strategy and focus. You can see this data protection conversation here.   

This week, Unitrends, now a  Kaseya company, launched an interesting new appliance that will help SMBs, mid-sized organizations, and MSPs with their data protection mandates. One of the challenges in many smaller organizations, or decentralized offices, is having local infrastructure for quick data/application recovery. 

Topics: Data Protection

Pure Storage Bets on Cloud and File Storage

This week, Pure Storage announced that it entered into a definitive agreement to acquire Compuverde. According to Pure Storage, the addition of Compuverde will expand Pure’s file-based storage capabilities, as well as its ability to support hybrid cloud deployments. Those are the basics, so let’s look at what all this means.

This is a move in the right direction, but only time will tell whether it is the right move for Pure.

There are very few things I know for certain. The future is often unpredictable. If there were two things, though, that I would be willing to bet almost any amount of money on, it would be:

Topics: Storage

SOAPA Video with Devo (Part 1)

Whip it good--as old friend Dimitri Vlachos from Devo stopped by the ESG video studio to kick off our 2019 SOAPA video series. If you are unfamiliar with Devo, the company describes itself as follows:

Devo delivers real-time operational and business insights from analytics on streaming and historical data to operations, IT, security, and business teams at the world’s largest organizations.

Topics: Cybersecurity SOAPA security operations security analytics

Endpoint Security Platforms Destined to Simplify Operations and Reduce Complexity, but There Are Risks

As organizations struggle with the complexity and number of security tools in use, the dream of an integrated platform seems convincingly like a good idea. Surely life would be less complex with fewer tools to manage, systems that were designed and built to work together, and fewer vendors to deal with. But there will be new challenges and tradeoffs to consider that will require some planning and effort.

Topics: Cybersecurity endpoint security

OpenC2 Can Accelerate Security Operations, Automation, and Orchestration

Over the past few years, ESG has promoted the security operations and analytics platform architecture (SOAPA). Just what is SOAPA? A multi-layered heterogenous architecture designed to integrate disparate security analytics and operations tools. This architecture glues incongruent security analytics tools together to improve threat detection, and then tightly-couples security analytics with operations tools to accelerate and automate risk mitigation and incident response. After all, you can have great security analytics for investigations, threat hunting, and root-cause analysis, but this all means diddlysquat if you can’t use these analytics to make and execute timely incident response and risk mitigation decisions.

Topics: Cybersecurity SOAPA