Blogs

One of the marketing campaigns that resonated the most with me over the last few years is the messaging behind Trend Micro’s XGen campaign because it aptly captures the challenge cybersecurity teams face: the complexity of securing multiple generations of technology. That is, it’s not just about next-gen. It’s also about protecting the last gen, and whatever comes after next-gen.

After all, while we still have mainframes, tape libraries, and Oracle running on UNIX, appdev teams are leveraging public cloud platforms and a rich set of microservices to rapidly build and deliver applications. Such heterogeneity represents a requirement to secure a diverse set of applications stacks deployed across hybrid, multi-clouds. Palo Alto Networks' stated intention to acquire Twistlock and PureSec, the former for container security, and the latter for serverless security, is a strong move to add cloud-native application security controls to companies' already extensive product portfolio.

As architectures move increasingly to the cloud, hybrid environments are harder to keep secure. Nearly nine out of ten (85%) respondent organizations in ESG’s 2019 Public Cloud Computing Trends are currently leveraging at least one of the three public cloud computing service models, with another 11% expressing plans for or interest in using these services.

As security teams commit more and more resources to detection and response activities, endpoint detection and response (EDR) solutions are becoming core to the process. But when we take a step back and look at the bigger picture surrounding threat detection and response, we see multiple, disparate solutions being used to detect and investigate threats, requiring analysts to log into multiple systems or post-process data from these systems to correlate alerts. With many organizations utilizing a best-of-breed tools strategy for their security stack, integrations have become core to the sanity of most security teams.

Digital transformation takes many forms. Nearly every company wants to maximize the value of its data, but each has specific goals in mind. When IT vendors discuss transformation, however, their story often sounds the same: “Build from the data center out.”

While that approach is valuable, for a variety of industries, the Internet of Things (IoT) and the edge are the real keys to maximizing an organization’s digital future. IoT can no longer be ignored. According to recent ESG research, 36% of IT organizations indicated that they have IoT initiatives already underway.

Have you ever thought of what 50 tons of ewaste would look like? Probably not, but that is the amount of ewaste expected to be generated this year. To put it into perspective, I was recently told that much waste would be equivalent to 4500 Eiffel towers, basically enough to cover all of Manhattan. Even more important, ewaste is only 2% of our overall waste, but makes up 70% of our toxic waste.

In this ESG On Location video, my colleague Vinny Choinski and I discuss our impressions of VeeamON 2019 in Miami, Florida.

VeeamON just started in Miami (about 2000 in attendance) with a number of announcements that will get the industry's attention - not surprisingly, some might add, because it's Veeam.  

New "born in the cloud" companies have it EASY! If I was to start a company today, it would be relatively simply (and fast) to choose business platforms, applications, and endpoints. While in reality, businesses have years of technology investments and business processes. So while companies are seeing the benefits and value of a digital workplace strategy, they risk creating a substantial functionality deficit.

ESG and the Information Systems Security Association (ISSA) just published a third annual research report titled, The Life and Times of Cybersecurity Professionals. 

This week Extreme hosted customers for its second annual customer event, Extreme Connect. Reflective of its own growth, conference attendees doubled in size this year and that was evidenced by its packed keynotes and technology breakouts. The theme for this year’s event was #FutureForward.

Cybersecurity professionals are paranoid by nature. That’s not a bad thing, it’s a job requirement. We want our cybersecurity team to “think like the enemy” to discover and remediate vulnerabilities as rapidly as they possibly can. 

Aside from this cynicism, my cybersecurity friends also take great pride in what they do. Like Elliot Alderson from the TV series “Mr. Robot,” many cybersecurity professionals want to save the world (from hackers and the like). 

At Dell Technologies World, I managed to grab some time, video camera in hand, with Sam Grocott. Sam leads marketing for what we’d all traditionally know as Dell EMC.

I asked him to start by briefly summarizing the key announcements at the show for his group, but what then developed was a discussion shaped by the fact – at least for Dell customers – that terms like “traditional” and “his group” are becoming steadily less pertinent as Dell’s strategic cloud embrace demands that it shifts from offering an enormous portfolio of products from largely independent operating units, to be instead a provider of integrated full-stack solutions. This both drives and reflects the market – and Sam explains how important it will be for Dell and its customers.

I attended the Big 5G event in Denver Colorado last week. The show was well attended, with every session I went to, including keynotes, having standing room only. That is probably a good indicator of the level of interest in and even to a certain degree the level of hype surrounding 5G.

The keynotes had representatives from major North American CSPs, including ATT, C-Spire, Sprint, T-Mobile, and Verizon (alphabetically). While there was plenty of “we were first in this 5G category” claims from two of these vendors and commentary about other countries' deployments that would lead you to believe this was a race, one of the speakers echoed a comment from a recent DARPA show that probably sums up the transition to 5G best, in that 5G is an evolution, not a race. Indeed, comments from the other major vendors stated that they did not want to release a 5G solution until they are ready, which they assured us they will be soon. In fact, CTIA stated there will be 92 5G deployments in 2019. Across all of IT, we have seen technology adoption accelerating, and 5G is no different, so expect the 5G adoption rate to be the fastest yet. ATT cited an example that a new deployment would typically be 18 mos, but for their first roll out, it was only six months.

Every technology event or conference offers insight into the future of IT. Few, however, rival the breadth of digital business impact or the passion among the attendees that Red Hat displayed this week. After only a few hours on the floor and talking with attendees, I am reassured not only that IBM is making a wise move with the acquisition, but also that Red Hat is incredibly well positioned to address the challenges of modern IT.

I’ve been writing about the cybersecurity skills shortage for 7 years and have become the “Chicken Little” of this topic. Now, we’ve all read about the number of cybersecurity job openings out there, but what is the impact of the skills shortage on cybersecurity professionals who are gainfully employed?

Never a dull moment in the data protection market. After last week's announcements at Dell World, Unitrends (a Kaseya company), Odaseva, Cohesity, HYCU, and Veeam have come out with interesting news.

Well, we did it. We hit the 20-year milestone here at ESG! And what a crazy ride it has been. In many ways, things are not much different in the world: IT remains a second class citizen many times, demands are constantly growing, budgets are constantly shrinking, and IT gets the raw end of the deal.

I had the opportunity to catch up with Alex Almeida at Dell Technologies World 2019 in Las Vegas in the Data Protection booth to discuss the significant new announcements the company made at the event. Don't miss it!

Look, there is no denying that Microsoft Windows has a massive footprint across the globe and has been the primary endpoint operating system that companies have relied on for decades. Heck, as much as I personally sometimes try to move over to other platforms like Mac OS or Chromebook, I find myself tied back to Microsoft Windows at some capacity. The same situation holds true for businesses as they continue to use Microsoft Windows because they have to, but the usage and interest of alternative solutions compounded with truly amazing capabilities on smartphones and tablets opens the door to create an enlightened end-user experience and improved productivity.

Spring brings things you expect – tax day (in the US), storms and showers (in much of the Northern hemisphere), and some variant of Dell/EMC/Dell Technologies World (in whatever Las Vegas is!). But this Spring brought something unexpected too – at Dell Technologies World the discussion for the closing general session panel centered on “optimism and happiness in the digital age.” So there!

Finding the right metrics to measure the effectiveness of your security programs can be challenging and subjective. While most everyone can agree on the ultimate objective of preventing breaches, there is much discussion about how to objectively measure and report on the effectiveness of everything between your first dollar invested in security and your planned security investments for the coming year.

When you think of US States exhibiting cybersecurity leadership, which ones come to mind? For me, I’d place Maryland at the top of the list, followed by CA, MA, VA, GA, and a few others. In my view, these states exhibit good efforts around cybersecurity innovation and public/private partnerships.

Now if you pinned me down and asked me to continue my list, I’m not sure where I’d place North Dakota, a state with a population of 755k. Until recently, I had no knowledge or opinion on the state’s cybersecurity position whatsoever. That changed for me when someone from the office of the CIO in North Dakota read one of my blogs on the cybersecurity skills shortage and reached out to fill me in on the state’s cybersecurity efforts. As it turns out, North Dakota is doing quite a bit.

What a week. Now that I have had a day to recover, let’s discuss Dell Technologies World. What happened, what was interesting, and what does this mean for the future?

Now, let’s start by discussing the new product announcements, which were both numerous and impressive. For example:

Going into Dell Technologies World, my greatest expectation was hearing a more unified message between VMware and the rest of the Dell Technologies family, especially Dell EMC. That expectation was absolutely met. Pat Gelsinger and Jeff Clarke on stage together announcing the Dell Technologies Cloud Platform was very well received and I would argue is the most united front between these two organizations that we've heard to date.

First, let's clarify what would drive businesses to consider moving cloud on-prem:

Dell Tech World kicked off in Vegas this week, capturing the attention of 15,000 attendees from over 122 different countries.

The big announcements in the day one keynote were focused on Hybrid Cloud, the Microsoft Azure partnership, and unified workspace, but the underlying theme was clear. Dell Technologies is continuing to embrace its “Better Together” philosophy creating solutions from its family of companies. This is evidenced by its solutions that leverage technology from VMware, Dell EMC, SecureWorks etc., wrapped into a single bundle.

Dell just announced new data protection solutions at Dell Technologies World 2019. While the event is set in Las Vegas, don't take it as an invitation to gamble with your data!  Our research shows that 57% of organizations state that their tolerance for high-priority application downtime
is less than 15 minutes or 15 minutes to less than one hour. In other words, no time for downtime...data protection is clearly a great business to be in!