Blogs

The theme of this year’s VMworld is “Make you Mark.” The kickoff keynote delivered a familiar narrative placing the IT leader in the place of a hero, a cross between “Morpheus and Hermione,” gifted with powers to change the world.

If it’s not clear yet, elastic cloud gateways are a major focus of ESG’s network security research. I discussed the idea in a previous blog…and video…and second video. As a refresher, ECGs are multi-channel, multi-mode, cloud-delivered security gateways built on a globally distributed, cloud-native microservices platform. ECGs automatically scale to provide end-user access and threat prevention to a range of cloud services, with tightly integrated data loss prevention (DLP) capabilities utilizing a centralized control plane and scalable data plane to arbitrate access and inspect content.

When you think about VMware and cybersecurity, two products have always stood out. NSX has evolved into a common micro-segmentation tool for east/west traffic within ESXi, while AppDefense monitors applications, determines “normal” behavior, and detects anomalies.

With the recent announcement by VMware that it will be acquiring Carbon Black, VMware will be adding much needed security expertise and technology to its already strong portfolio.

Trustwave and Grupo Tecno, a large information technology integrator in Mexico, are teaming up to offer Trustwave Managed Security Services and cybersecurity technologies to enterprises and other institutions in Mexico and other Spanish speaking countries in Latin America. This is exciting news for both. Trustwave expands its footprint in Latin America; Grupo Tecno firmly implants itself in the managed security services (MSSs) and security operations center (SOC) arena with a strong global partner.

It was time. Splunk was waiting for the next-generation, cloud-native application architectures to evolve to a point where it could pounce. And pounce Splunk did, scooping up SignalFx for $1.05 billion. This dwarfs previous acquisitions by Splunk over the last couple years, which acquired security automation and orchestration platform Phantom for $350 million, and DevOps incident management VictorOps for $120 million.

Detecting and responding to cyber-threats quickly can mean the difference between a cybersecurity annoyance and a costly data breach. This makes threat detection and response a critical business requirement.

Given this, you’d think that threat detection and response would be well resourced with highly-tuned processes running as efficiently as a Swiss watch. Unfortunately, this is far from true. According to ESG research, threat detection and response is fraught with numerous issues. Here is a list of the top 5 threat detection and response challenges, according to 372 enterprise cybersecurity and IT professionals:

ESG research shows that cloud data protection has hit the stratosphere, with a significant acceleration in the past three years. Organizations see cloud as having a positive impact on their data protection strategies in general, and backup data is increasingly shifting to cloud. Cloud-based VMs are also perceived to be more resilient than on-premises. Founded in 2017, Clumio was built in the public cloud and is headed by Poojan Kumar, Clumio CEO, ex Oracle Exadata Co-founder, Pernix Data CEO, and Nutanix VP Engineering and Products. Investors include some well-known names in the industry. The company announced $51 million in funding. This combination of investors, funding, and experienced leadership is worth noting, as I am sure competitors have. 

There was a lot to take in at Black Hat 2019 in Las Vegas. Fortunately, ESG covered a lot of ground with our expanded team of analysts. With the dust now settling from Black Hat 2019, ESG analysts share some takeaways from the event in this ESG On Location Video, including:

My colleague Jon Oltsik has a running blog series entitled “If I Were the Next CEO of Symantec” that he’s updated every few years when new leadership is introduced. With the recent announcement of Broadcom’s intention to purchase Symantec’s enterprise business unit for $10.7 billion, I thought I would beat him to the punch and create a new blog series, “If I Were the CEO of Broadcom.”

Just as I expected, my conversations at BlackHat 2019 mostly centered on how to define MDR, whether MDR will replace MSS, and which vendors are really MDR and which are not. Oh, and xDR was discussed too.

About this time every year, the cybersecurity industry heads to “summer camp” in Las Vegas, heading to BSides, Black Hat, and/or DefCon. I attended Black Hat last week along with many members of the ESG cybersecurity team. Here are a few of my takeaways:

1. The “vibe” has changed. There used to be a clear difference between Black Hat and its larger cousin, the RSA Conference. RSA has become an industry show where you talk about business relationships, M&A activities, and VC investments. Alternatively, Black Hat was always a practitioners’ show where the buzz centered on exploits, IoCs, and defensive tactics. Alas, billions of security dollars are taking its toll on poor Black Hat – there was a definite “hurray for the industry” vibe, fraught with banal cocktail parties, Merlot-drinking VCs, and ambulance-chasing vendors. The industry needs a cold shower to remember that its job is protecting critical digital assets, not celebrating 10-baggers.

This week, I was in Santa Clara, California for my annual pilgrimage to Flash Memory Summit (FMS). While I was there, I got a few moments during a very busy week to stand in front of a camera with my colleague, Mark Peters, and discuss this year’s summit, as well as the latest news.

Before I get to the new tech, I feel I must address the big question: “Is Flash Memory Summit still as important as it once was?” With flash memory becoming the de facto standard for data storage now, do we need a separate event for flash? Isn’t everything storage-related about flash now?

And responsible for creating positive experiences

For almost a century we have relied on classic hardwired phones to conduct business, collaborate, and be more productive. From a work perspective, perhaps there are still a few out there who remember how getting off a plane was quickly followed by a trip to the bank of pay phones (see image, for those who have never seen one) to check for messages and make any required calls. When you went to the office, an essential piece of hardware was the hardwired telephone on your desk. The phone was critical because when you picked it up, it gave you a reassuring dial tone that let you know you were connected to the world.

If you tuned into Galaxy Unpacked 2019, you had the opportunity to be thrilled by all the Samsung announcements, but when Microsoft popped into the storyline and Satya Nadella jumped on stage, it became clear that Samsung (and Microsoft) are focused beyond the consumer market and locking into the corporate workforce. The Samsung and Microsoft partnership also validates that the powerhouses are geared up to compete against Apple, Goggle, and AWS.

The HPE buying spree continued Wednesday afternoon, as they scooped up big data vendor MapR. This comes on the heels of the recent BlueData acquisition, and to a lesser extent, Cray. And with each HPE acquisition, the strategy is clear as day - data is the crown jewel and HPE will help you gain value from it with a holistic approach that covers hardware, software, and services. HPE is becoming a one-stop shop for all things data, and they are prioritizing simplicity. They recognize that organizations are at different stages of their analytics and AI journeys, and need help every step of the way. By incorporating MapR technology, they’ll be capable of inserting themselves much earlier in the analytics and AI journey.

Stu Bradley, VP of fraud and cybersecurity intelligence, recently stopped by the ESG video studio to participate in our SOAPA video series. In part 2, Stu and I discuss:

• Cybersecurity analytics readiness. SAS talks about analytics readiness, so I pressed Stu on what the company means. Stu spoke about preparing core security analytics models that act as a foundation and can be adjusted and fine tuned for new types of threats. In other words, SAS Software works to guide customers through the cyber analytics lifecycle so they can gain business value early and often.

Judging by this week’s Capital One breach and Equifax settlement, cybersecurity remains a topical if not ugly subject. The timing couldn’t be better for these unfortunate events. Why? Because the cybersecurity community will get together next week in Las Vegas for Black Hat and Defcon to discuss how to better deal with security vulnerabilities and improve threat prevention, detection, and response. 

As Black Hat 2019 quickly approaches, I couldn’t help but think back to the tail-end of my previous life attending industry conferences as an analyst covering network security. By 2014, you couldn’t get a conversation with a user on the show floor if you were a firewall vendor that didn’t offer robust application control. Palo Alto Networks had successfully shifted the industry focus to application layer inspection and next-generation firewalls had all but been accepted as the default standard for network protection. This transition addressed the fundamental shift in internet usage affecting the way we live and work. Traditional Layer 3 and 4 scanning could not provide the visibility and control over Layer 7 traffic required to protect the modern enterprise. Of course, at the time it was the need for control over applications like Facebook, Twitter, and YouTube driving the change. But it clearly foreshadowed the upcoming transition to cloud application usage.