ESG Blogs

The California Consumer Protection Act (CCPA) goes into effect on January 1, 2020. Often compared to GDPR, CCPA protects consumers from mismanagement of their personal data and gives consumer control over what data is collected, processed, shared, or sold by companies doing business in California. I recently chatted with my friends and colleagues Dave Littman from TruthInIT and Steve Catanzano, Senior Consultant at ESG. 

Folks come to cybersecurity services for a lot of reasons, complexity and compliance being two of the top ones. In fact, 40% of respondents to a recent ESG cybersecurity services study state that they need advice on dealing with the complexity from multi-cloud and hybrid architecture. And another 26% specifically call out that they need help rearchitecting their security posture during cloud migration and digital transformation efforts.

The California Consumer Privacy Act is a landmark piece of consumer privacy legislation which passed into California law on June 28th of 2018. The bill is also known as AB 375. This Act is the strongest privacy legislation enacted in any state, giving more power to consumers with regards to their private data.   

The set of announcements at AWS’s annual re:Invent is always impressive, albeit a bit of a firehose for which AWS’s own Amazon Kinesis data streaming processing engine would be helpful. At last week’s AWS re:Invent, a seminal annual IT event only AWS can get away with scheduling the week after Thanksgiving, the company announced a number of important security capabilities, some small, some big, all customer-driven. Thematically, in addition to a clear focus on identity and access management features designed to help customers rein in their AWS identities and secure S3 buckets, AWS is clearly focused on enabling enterprise-class use cases.

AWS re:Invent 2019 has come and gone. The event was full of announcements, people (the entire Las Vegas strip was taken over by 65,000), and fun. Many announcements were shared prior to the event, but in a 3-hour marathon keynote, AWS CEO Andy Jassy shared more…and more….and more. And he did it all without saying “multi-cloud” or “hybrid cloud,” the latter being most impressive since, well, Outposts. Focusing on analytics, databases, and AI, here are some of my key takeaways.

When I started ESG in 1999, the IT industry was organized essentially as follows:

• There were a handful of giant players who controlled 90% of the market. You picked your OPERATING environment first, and then you bought their kit, and whatever applications they had, and you CHANGED your company to implement their solutions. If you picked Digital Equipment and you wanted to customize your Ask MANMAN ERP system, you paid out the nose and spent years to get it into production. Same for HP or IBM. You ran their apps the way they told you to. The cost of switching out was insane.
• There were massive capital costs combined with limited skilled knowledge workers. Which translated into “if it ain’t broken, don’t touch it!”
• There were generalists, not specialists. Your IT department consisted of “system” admins – people responsible for making the whole thing run “good enough.” When things broke, they chased down the problems, largely starting blind.

2019 was a year of contrasts for backup and recovery but also confirmed the great health and growth potential in this market. It is, however, at the cusp of a critical change, one that will see vendors pivot to expanded capabilities and new use cases. Those who don’t invest in these new capabilities (organically or through acquisitions) will enter a phase of slow decline, which may not be immediately evident but that will be hard to reverse. More on this in the predictions section.

After the recent Dell Technologies Summit, I posted a video with my summary thoughts on the event, its tone, and its key announcements. (Watch it here.)

But, as mentioned in my blog at the time, I also wanted to drill down a bit more into some of the specific technology areas, as well as get the commentary of some smart people that I am lucky enough to have as colleagues here at ESG. In this companion video, you will hear from Bob Laliberte, Christophe Bertrand, and Scott Sinclair. Six minutes, four brains, multiple insights...

Getting Email Security Right Is More Important than Ever Before

With business email compromise racking up some of the largest financial theft associated with cyber-crime, and the relentless use of phishing as a means to trick users into handing over user credentials and other personal and sensitive data to bad actors, security organizations need to take a hard look at how their email security solutions are protecting against these issues.

Even if Dell is not quite at its own intended summit yet, it certainly showed a route map, milestones, tools, and (mixing metaphors wildly!) drew a notable line in the sand at its recent event in Austin.

The video here captures my high level (ha - back to the summit metaphor!?) takeaways from the event. I won’t spoil your viewing pleasure by repeating things here....suffice to say that I saw a massive company fully aware of its opportunities, obstacles, and even obligations.