ESG Brief: The Expanding Role of DevSecOps Practices

Abstract:

ESG conducted research in the fall of 2019 to examine the composition of cloud-native applications, explore the challenges associated with securing cloud-native environments, and gauge the emergence of secure DevOps programs, or “DevSecOps,” as a methodology to protect the lifecycle of modern applications. The number of organizations who have or plan to implement secure DevOps practices has grown appreciably since ESG’s similar study in 2017, leading to an expanded set of use cases and, over time, broader coverage of an organization’s footprint of cloud-native applications. DevSecOps, for the purposes of this ESG brief, is the automation of security via the integration of cybersecurity controls and processes in the continuous integration and continuous delivery (CI/CD) pipeline of DevOps.

Topics: Cybersecurity

ESG Brief: The Cybersecurity Awareness Conundrum

Abstract:

It is an obvious move to provide cybersecurity awareness training to employees to ensure their secure use of the company network across multiple cloud and hybrid environments—and it is an arguably altruistic bonus to enhance employee personal life cybersecurity. But does cybersecurity training accomplish what we want it to? Does it effectively stop users from clicking on malicious links in phishing emails or help them recognize a seemingly innocuous email that might offer privileged access to an attacker? Some say yes; some say no. ESG conducted several studies in 2019 that provide insight into respondents’ use of cybersecurity awareness training and their perception of the service.

Topics: Cybersecurity cybersecurity education

ESG Master Survey Results: The Evolution from Data Backup to Data Intelligence

Abstract:

ESG conducted a comprehensive online survey of IT and data protection professionals at private- and public-sector organizations in North America (US and Canada) between June 28, 2019 and July 21, 2019. To qualify for this survey, respondents were required to be IT decision makers currently responsible for or familiar with their organizations’ production storage and data protection mechanisms, as well as their organization’s approaches to facilitating data usage by primary and secondary beneficiaries.

This Master Survey Results presentation focuses on the transition from traditional data backup processes to data management strategies in which data is better understood and reused for other technical or business purposes.

Topics: Data Protection data management

ESG Brief: Taking the Pulse of Employee Cybersecurity Habits

Abstract:

Cybersecurity clearly has the attention of IT departments and executives. High-profile attacks and the resulting direct and indirect costs associated with security breaches have helped drive awareness over the last decade and give security practitioners a louder voice in the organization. However, the average worker is more concerned with maintaining productivity and convenience in their increasingly overlapped work and personal life. Cybersecurity solutions must begin to deliver the technology experience workers demand.

Topics: Cybersecurity

ESG Brief: Impact of Containers on the Network

Abstract:

The rapid adoption of containers to support modern application environments is having a significant impact on IT and the underlying technology. This is especially true for the network team, where container adoption is impacting existing network architectures and creating new challenges. As is the case with most transitions, there is a temptation to resist change, but as time and previous technology transformations have demonstrated, these changes must be embraced. Organizations need to ensure that the network is in a position to accelerate the adoption of new technologies.

Topics: Networking Cloud Services & Orchestration hybrid cloud

ESG Brief: Container Usage Trends

Abstract:

Hybrid has become the de facto cloud strategy for most organizations and will likely remain so for the foreseeable future. At the same time, there is a lot of discussion in the market regarding modern or cloud-native application environments as organizations look to shift from infrastructure-focused to application-centric management, but what is the reality of container environments in enterprises? ESG research confirms that not only has the adoption of containers been steady—and will continue to be—but also that this usage will play an increasing role in supporting production application environments.

Topics: Networking Cloud Services & Orchestration hybrid cloud

ESG Research Report: The rise of cloud-based security analytics and operations technologies

Abstract:

Security analytics and operations can be complex, requiring highly skilled professionals and detailed processes. To overcome these issues, security teams tend to deploy an array of security analytics tools and technologies to collect, process, analyze, and act upon growing volumes of security telemetry. Despite this investment, however, many organizations continue to find it difficult to manage cyber risk or detect and respond to cyber incidents.

How can CISOs address these issues and develop effective security analytics and operations processes? In order to get more insight into these trends, ESG surveyed 406 IT and cybersecurity professionals at organizations in North America (US and Canada) involved with the planning, implementation, and/or operations of their organization’s information security policies, processes (including purchase decisions), or technical safeguards and familiar with their organization’s collection and/or analysis of security data in support of information security management strategy

Topics: Cybersecurity Data Platforms, Analytics, & AI Cloud Services & Orchestration

ESG Research Report: Hybrid cloud trends - strategies for optimizing and managing on-premises and public cloud infrastructure

Abstract:

ESG conducted an in-depth survey of 358 IT professionals concerning their organizations’ usage of, experiences with, and future plans for leveraging on-premises infrastructure and public cloud services together in the form of a hybrid cloud strategy. Survey participants represented midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America (United States and Canada).

This research uncovers important trends in the hybrid cloud landscape, such as:

  • The significance of on-premises integration
  • Key objectives of hybrid cloud strategies
  • Split preferences in application migration approaches
  • The desire for management consistency
Topics: Cloud Services & Orchestration

ESG Master Survey Results: Trends in Modern Application Environments

Abstract:

ESG conducted a comprehensive online survey of IT professionals and software developers at private- and public-sector organizations in North America (US and Canada) between June 7, 2019 and June 17, 2019. To qualify for this survey, respondents were required to be responsible for supporting their organization’s application development environment, including their plans and strategy for containers technology. All respondents were provided an incentive to complete the survey in the form of cash awards and/or cash equivalents.

This Master Survey Results presentation focuses on the current state of application development architectures and methodologies in use in enterprise environments, specifically usage of and plans for containers technology.

Topics: Cybersecurity Data Protection Networking Enterprise Mobility Cloud Services & Orchestration

ESG Master Survey Results: Cloud-scale Security Analytics Survey

Abstract:

ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

This Master Survey Results presentation focuses on the current strategies used for security analytics and operations, including the impact of public cloud resources for processing and storing large and fast growing volumes of security data.

Topics: Cybersecurity Data Platforms, Analytics, & AI Cloud Services & Orchestration