I’ve written blogs in the past with titles like, “big data security analytics is inevitable.” Yes, I know this reads like a sound bite, but I truly believe that we need to collect, process, and analyze terabytes of real-time and historical data in order to detect stealthy cybersecurity events and adjust our security controls accordingly.
I’ve written countless times about the cybersecurity skills shortage but here’s a quick summary of a few ESG research data points that illustrate the scope of this problem: 1. 25% of mid-market (i.e. 100 to 999 employees) and enterprise (i.e. more than 1,000 employees) report a “problematic shortage” of IT security skills. 2. 36% of organizations increasing IT headcount this year plan to hire information security staff. Of all the IT headcount being added in 2013, hiring information security professionals is the highest of priority. 3. Read more
I spent the week in Washington DC last week discussing cybersecurity legislation and Federal IT security issues. As part of the tour, I gave a presentation on mobile computing security at the historical Willard hotel.
Before discussing MDM, MAM, mobile data security, or anti-malware, I started my session with a few data points from various ESG research projects:
I received an email early this morning announcing that McAfee acquired European Next-generation firewall (NGFW) vendor Stonesoft for $389 million.
I’m sure the trade press and young/rich Wall Street analysts are running around asking the obvious question: Who the heck is Stonesoft and why did McAfee cough up so much dough for a virtually unknown company?
Allow me to respond to these inquiries via my NWW blog. First , who is Stonesoft?
I posted a blog at the end of March describing that network security processes, skills, and technical controls are often more thorough than server security processes, skills, and technical controls at enterprise organizations. As a review, recent ESG research revealed that:
• 19% of enterprises say that network security processes, skills, and technical controls are “much more thorough” than server security processes, skills, and technical controls. Read more
In a recent research survey of 200 security professionals, ESG discovered that 79% of enterprise organizations (i.e. more than 1,000 employees) have experienced web application security attacks over the past year.
ESG just published a new research report titled, Web Application Testing Tools and Services. The report is comprised of data collected in a survey of 200 North American-based security professionals working at enterprise organizations (i.e. more than 1,000 employees).
When I started my career at EMC in 1987, the company ran the business on Prime Computers. I was able to convince my boss that I could improve the quality and efficiency of our group’s business reports with a PC, so the company purchased a Macintosh computer and printer for me to use. This may have made me the first PC user in EMC history though I can’t be sure.
The RSA security conference was once limited to discussions around encryption algorithms and cryptography attracting a limited and highly technical audience. Likewise, VMworld was once a Mecca for software developers and testers only.
These descriptions represent ancient history – RSA covers the entire cybersecurity spectrum while VMworld has become a nexus around cloud computing. Read more
The big data security analytics market is in its genesis with enterprise players (HP, IBM, RSA Security), security vendors (Lancope, LogRhythm, McAfee, Solera Networks, Splunk), government integrators (Boeing (Narus), LexisNexis, SAIC) and startups (21CT, Click Security, Packetloop, RedLambda) all jumping into the water. CISOs should expect abundant innovation and lots of competition over the next few years.
At the end of 2012, ESG conducted a research project looking at big data security analytics from the demand-side. It turns out that market demand is already apparent -- 44% of enterprise organizations consider their security analytics “big data” today, while another 44% believe that their security analytics requirements will be regarded as “big data” within the next two years.
There is a historical conundrum in cybersecurity about where to concentrate security skills, controls, and oversight. Hackers penetrate networks in order to compromise hosts and steal data. Given this obvious workflow, should CISOs focus security resources on networks, hosts, or a balanced combination of both?
ESG recently posed this question to 395 security professionals working at mid-market (i.e. 100 to 999 employees) and enterprise (i.e. more than 1,000 employees) organizations. The results are extremely interesting:
It’s a herd mentality out on Sand Hill Rd. Over the past few years, VCs shied away from many infrastructure and security companies, preferring to bet on cloud computing, mobile computing, and social networking startups.
A few years ago, SDN was an esoteric concept driven by academics. Some networking vendors were intrigued but many looked at it as nothing more than a science project. Fast forward to 2013 and networking vendors are tripping over each other to pledge their SDN support and crow about their SDN strategies.
Like all other areas of IT, security professionals tend to be computer science nerds. We love to talk about hardware and software advancement and how it will impact the challenges around the security triad of confidentiality, integrity, and availability. As always, this geeky tendency was on display at the RSA security conference in late February as the industry buzzed about things like streaming processing, Hadoop clusters, new authentication protocols, etc.
For many years, the RSA Conference was all about the new new thing. New threats, new compliance mandates, new technologies, etc. At the same time, the industry intelligentsia dismissed staple security technologies like endpoint security and firewalls as boring commodities.
Judging by the buzz at RSA 2013, what’s old is new again. Firewall and anti-malware chatter was pervasive throughout the Moscone Center for a number of reasons:
I was pretty happy with last week’s RSA Conference and blogged about some of my positive impressions earlier this week. It’s good to see the industry discussion the state of cybersecurity, current challenges, and promising innovation. Still, the RSA Conference is a trade show and trade shows are all about selling products.
The capitalist nature of the security industry was on display in several misguided ways with:
After much anticipation, the 2013 RSA Conference has come and gone. I have a number of topics to blog about starting with my positive impressions of the show:
It wasn’t long ago that the annual RSA Security Conference was an oasis from mainstream IT. While CIOs were focused on business process automation, the RSA crowd was celebrating technologies like DLP, web security, and key management. Yup, security was an under-funded IT step child and the RSA Conference was still centered on bits and bytes.
That was then, this is now and cybersecurity is everywhere – newspapers, magazines, television news, etc. Off the top of my head, here are some of the big cybersecurity news stories from the first two months of 2013:
With the Oscar award ceremony completed, the information security industry rolls out its own red carpet for its annual celebrity event, the RSA Security Conference, next week. I’ve written before about the pervasive “buzz” topics I expect to hear about next week. Here are 5 subjects I’d like to discuss: