Cyber Risk Management Continues to Grow More Difficult

As part of a recent ESG research project, 340 enterprise cybersecurity, GRC, and IT professionals were asked to compare cyber risk management today with how it was two years ago. The data indicates that 39% of survey respondents believe that cyber risk management is significantly more difficult today than it was two years ago, while another 34% say that cyber risk management is somewhat more difficult today than it was two years ago.

Topics: Cybersecurity

Cyber Risk Management in Transition

At ESG, we are just about to publish some new research on cyber risk management and I’ve been knee-deep in the data for the past month. Here are a few of my initial impressions:

  • Business managers are far more involved than they used to be. A few years ago, business executives didn’t want good security, they wanted good enough security. Back then, security professionals bemoaned these half-hearted cybersecurity efforts, longing for CEOs with cybersecurity knowledge who were truly invested in strong cybersecurity controls and oversight. Note to cybersecurity pros, ‘be careful what you wish for.’ The ESG data indicates that corporate executives and boards are much more involved and demanding these days. This is forcing CISOs and infosec teams to collect and analyze more cyber risk data and present it to the mucky-mucks in business-friendly terms. The data indicates that this is already driving a new, more comprehensive model for cyber risk management.
Topics: Cybersecurity cyber risk management

Recapping VMworld Europe: Built-in Cybersecurity for Hybrid, Multi-Clouds (Includes Video)

As a follow-up to VMworld US in Las Vegas this past August, VMware reiterated its compelling albeit ambitious strategy at VMworld Europe in Barcelona. From my perspective, that strategy is well aligned with the flexibility today’s enterprises require – the ability to run any app on any cloud accessed from any device with intrinsic security. This is the true essence of hybrid clouds for which VMware has a comprehensive definition – private cloud, public clouds, as well as Telco clouds – and a plan to offer a hybrid cloud control plane with equally flexible delivery options.

Topics: Cybersecurity

Three Expected Security Themes at AWS re:Invent 2018 (Video)

As a cybersecurity industry analyst, I am admittedly guilty of being myopic in looking for security to be the leading act in the keynote at major industry events. Such was the case at AWS re:Invents of the past when security was front and center starting with a discussion about the shared responsibility security model, the foundation of any cloud security program. That started to change in the last few years with security playing more of a supporting role in Andy Jassy's and Werner Vogels' keynotes. To be clear - it’s not that AWS is now being dismissive of security by any stretch, it’s simply that security is no longer an impediment to the adoption of public cloud platforms, at least those operated and secured by major CPS such as AWS, who has always treated security as job #1. AWS no longer needs to convince the market the cloud is secure, the conversation is now about how to meet your part of the shared responsibility model.

Topics: Cybersecurity AWS re:Invent

Best-of-Breed Security Products Still Dominate – Kind Of

The history of security purchasing centers around best-of-breed products. With each requirement, security professionals would research products, review third-party tests, bring in products for internal testing, and buy those that exhibited a superior ability to prevent, detect, or respond to cyber-attacks.

Topics: Cybersecurity

Cybersecurity Technology Platform Attributes Defined

In a blog I wrote and published in August, I listed the 8 attributes that my colleague Doug Cahill and I believe are critical for a cybersecurity technology platform. The blog also ranks the 8 attributes according to a recent survey of 232 cybersecurity professionals working at enterprise organizations (i.e., those with more than 1,000 employees).

Topics: Cybersecurity

Cybersecurity Professional Impressions on Cloud-native Security

In a recent research survey, ESG asked a panel of 232 security and IT professionals a series of questions about cloud-native security (i.e., security controls, management, and monitoring options built into cloud infrastructure and offered by cloud service providers (CSPs)). Here are a few of the data points we uncovered:

Topics: cloud security Cybersecurity

McAfee’s Vision at MPower

I wrapped up my 3-week tour of the cybersecurity industry with a stop in Las Vegas for McAfee MPower. Here are a few of my takeaways from the event:

Topics: Cybersecurity

Cybersecurity Trends – With Trend Micro

Last week, Trend Micro came to Boston for its annual Trend Insights industry analyst event. The company provided an overview of its business, products, and strategy. Here are a few of my takeaways:

Topics: Cybersecurity

Ten Takeaways from the Splunk User Conference

I spent the early part of this week in Orlando, attending Splunk .Conf 2018. Here are a few of my takeaways:

  1. Splunk articulated a vision of security analytics/operations for 2020 that included 10 areas:
    1. Data ingestion. Collecting and processing a growing body of security telemetry.
    2. Detection. Finding and blocking known threats.
    3. Prediction. Using advanced analytics to identify new attacks and then spreading the warning around to all connected customers.
    4. Automation. Automate all pedestrian tasks and accelerate more complex tasks.
    5. Orchestration. Use APIs to connect security controls together for investigations and remediation actions.
    6. Recommendation. Monitor and record security operations and then recommend proven actions to the SOC team.
    7. Investigation. Provide intuitive tools to figure out what cyber-attacks are happening and why they are happening.
    8. Collaboration. Offer a workbench for security operations while connecting to collaboration tools like Slack.
    9. Case management. Deliver a security-centric tracking system that spans security incident management lifecycles. 
    10. Reporting. Providing a central place to measure all aspects of reporting.
Topics: Cybersecurity ESG on Location