John Grady

ESG Analyst John Grady covers network security at ESG. John leverages over 15 years of IT vendor and analyst experience to help clients identify and quantify key market trends to facilitate data-driven business decisions. Prior to ESG, John spent four years at Symantec, where he was responsible for developing market insights in support of product, go-to-market, and executive stakeholders. Previous to that, John worked as an analyst covering network, web, and email protection, leading initial research initiatives on then-emerging areas such as advanced threat prevention and DDoS. As an analyst, he has also focused on infrastructure channels, assessing and advising on the go-to-market strategies of IT vendors, especially from an indirect perspective. John has been quoted in Network World, CSO, eWeek, and Investor’s Business Daily, among other publications. He holds a B.A. in History from Providence College in Providence, Rhode Island.

Recent Posts by John Grady:

Time Flies…Recapping McAfee’s MPOWER 2019

McAfee chose “time” as the overarching theme of its 2019 MPower conference, held the week of October 2 in Las Vegas. The idea of the theme being that time is central to everything we do in the cybersecurity industry. Attackers look to increase dwell time while security teams try to reduce mean time to detect (MTTD) and mean time to response (MTTR). For what it's worth, I felt that my time attending was well-spent. McAfee’s always done a good job focusing its message and approach for these types of events, and this year was no different. The major announcements focused on cloud and analytics, with a bit of open architectures and partnerships included as well – all top of mind priorities for security practitioners.

Topics: Cybersecurity

Recapping Juniper's Industry Analyst Day

I had the opportunity to attend Juniper’s analyst event at its Sunnyvale, California headquarters on September 10. Truth be told, Juniper has been fairly quiet on the security front for the last few years, so I was interested to get up to speed on the company’s direction. Juniper divested the Pulse Secure portion of its portfolio in 2014 and since that time has not always articulated a consistent vision around, or emphasis on, security. My impression after listening to CEO Rami Rahim and CTO Bikash Koley lay out Juniper’s corporate vision and how the Connected Security approach ties in, is that they do see security as a core component of the overall strategy, especially as it relates to expanding the company’s enterprise footprint. Admittedly, there weren’t a lot of specifics provided relative to security announcements, but I’m an optimist and believe there will be some meat put on the bone sooner rather than later.

Topics: Cybersecurity

Exploring the Multi-channel Aspect of Elastic Cloud Gateways

If it’s not clear yet, elastic cloud gateways are a major focus of ESG’s network security research. I discussed the idea in a previous blog…and video…and second video. As a refresher, ECGs are multi-channel, multi-mode, cloud-delivered security gateways built on a globally distributed, cloud-native microservices platform. ECGs automatically scale to provide end-user access and threat prevention to a range of cloud services, with tightly integrated data loss prevention (DLP) capabilities utilizing a centralized control plane and scalable data plane to arbitrate access and inspect content.

Topics: Cybersecurity

If I Were the CEO of Broadcom

My colleague Jon Oltsik has a running blog series entitled “If I Were the Next CEO of Symantec” that he’s updated every few years when new leadership is introduced. With the recent announcement of Broadcom’s intention to purchase Symantec’s enterprise business unit for $10.7 billion, I thought I would beat him to the punch and create a new blog series, “If I Were the CEO of Broadcom.”

Topics: Cybersecurity

Elastic Cloud Gateways and Other Thoughts Before Black Hat 2019

As Black Hat 2019 quickly approaches, I couldn’t help but think back to the tail-end of my previous life attending industry conferences as an analyst covering network security. By 2014, you couldn’t get a conversation with a user on the show floor if you were a firewall vendor that didn’t offer robust application control. Palo Alto Networks had successfully shifted the industry focus to application layer inspection and next-generation firewalls had all but been accepted as the default standard for network protection. This transition addressed the fundamental shift in internet usage affecting the way we live and work. Traditional Layer 3 and 4 scanning could not provide the visibility and control over Layer 7 traffic required to protect the modern enterprise. Of course, at the time it was the need for control over applications like Facebook, Twitter, and YouTube driving the change. But it clearly foreshadowed the upcoming transition to cloud application usage.

Topics: Cybersecurity