ESG Blogs

To explore user perspectives around SASE solutions and elastic cloud gateway architectures, ESG recently completed a research study on the convergence of network security tools through a consolidated, cloud-delivered platform. The study explored pain points with current approaches and tools, interest in and important elements of an ECG approach, and what organizations expect to gain from implementing an ECG architecture. To explore some of the research, I invited my colleague Jon Oltsik to discuss the findings and what they mean.

My colleague Dave Gruber is such a great guest that I invited him back for an unparalleled SOAPA video part 3. In our final installment, Dave and I talk about:

In part 2 of our SOAPA video, I welcome back my astute colleague, Dave Gruber. The conversation turns to XDR, a market segment that Dave and I collaborate on. I ask Dave about:

• The definition of XDR. It’s a nebulous industry term but Dave nails it by explaining that XDR is a method for bringing controls together to improve security telemetry collection, correlation, contextualization, and analytics. There’s also an operational side of XDR to help coordinate response and remediation across multiple controls simultaneously.

Back in March, I heard from several CISOs about how COVID-19 was disrupting their cybersecurity programs and changing their priorities. A few weeks later, I connected with some CISO friends, and got an update on phase 2 of their pandemic journeys.

While no one knows when the coronavirus impact will end, we are getting a good perspective on what the new normal will look like. Here are ten changes I anticipate (in no particular order):

The SOAPA video series has featured a series of prolific industry beacons representing leading security operations technology vendors. That will continue, but I thought I’d shake up the format a bit by inviting my colleague and friend, Dave Gruber, to participate. 

It’s great to be back with the SOAPA video series, albeit in a remote format. Nevertheless, I was excited to interview Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 2 of our video, Hugh and I yak about:

The SOAPA video series is back! In this global pandemic edition, I speak with Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 1 of my chat with Hugh, we discuss:

• Security operations difficulties. ESG research indicates that 63% of organizations claim that security operations are more difficult than they were 2 years ago. Hugh agrees and believes these difficulties are related to the breadth of tools and practices that are creating visibility and process gaps.

In addition to reporting very strong growth in its fiscal third quarter, Zscaler announced the completed acquisition of Edgewise Networks last week. At a price tag of $31 million, this won’t be a deal that turns many heads, but maybe it should. We’ve seen much of the industry shift to a cloud-delivered network security approach over the last 10 months, something ESG calls elastic cloud gateways (ECGs). In many ways, this is the logical evolution of the approach Zscaler introduced more than 10 years ago. However, the Edgewise Networks deal, along with the recent acquisition of cloud security posture management (CSPM) vendor Cloudneeti show that Zscaler is beginning to think beyond just user access and toward a broader approach to cloud security overall. Specifically, the addition of Edgewise Networks strengthens Zscaler’s zero-trust capabilities to address not only the workforce, but also applications and workloads.

I heard some alarming new statistics from IBM security this week. With COVID-19 as a backdrop, cyber-attacks are up 14,000% led by a spike in ransomware. IBM also revealed a 6000% increase in spam, as hackers social-engineer nervous users with fictitious coronavirus news and miracle cures. Other firms like DomainTools, FireEye, and Palo Alto Networks have reported similar data. Yikes!

If you haven’t heard about it yet, there has been a ground swell of activity over the past 12-18 months with security vendors rallying around a new theme: XDR. There have been different interpretations of what the “X” in XDR stands for, but the general concept is built on the success of the endpoint detection and response (EDR) model, now extending that model to aggregate and correlate telemetry from additional security controls, adding network, cloud, email, and more. The promise is that with a broader view of activity across security controls, more automation can be applied to deliver better coverage, insights, and ultimately more automated response actions for today’s sophisticated attacks.