As the old security adage goes, “A well-managed network/system is a secure network/system, and this notion of network and system management is a cybersecurity foundation. Pick any framework (i.e., NIST Cybersecurity framework), international standard (i.e., ISO 27000), best practice (i.e., CIS 20 Critical Controls) or professional certification (i.e. CISSP), and much of the guidelines presented will be about security hygiene and posture management.
Insight
-
-
The topic of network and security convergence has been front and center in the industry over the last year. The line between networking and security continues to blur, with collaboration increasing across traditionally siloed IT functions and technologies used by these teams continuing to inch closer together. One of the more notable initiatives is secure access service edge (SASE), and both enterprises and vendors alike are now embarking on their SASE journey. -
This week Cisco held its annual customer event, Cisco Live, for its global audience. With over 100,000 attendees from over 200 countries, this may be one of the best attended Cisco Live events. Despite most organizations having to work from home over the past year, it certainly hasn’t slowed down the innovation and productivity from the Cisco engineers. The theme of this year’s event was Turn IT Up, something that organizations across the globe have been doing since the pandemic hit and Cisco was quick to call out the IT heroes that worked tirelessly to transition to work-from-home environments and enable businesses to continue operations.
To help those organizations thrive in this new environment, Cisco launched an impressive number of announcements presented by a highly talented and diverse group of Cisco executives. The major announcements included providing its customers choice in how they want to consume Cisco solutions with an as-a-Service program called Cisco Plus, bringing out an expanded SASE architecture to cover endpoints to the cloud, delivering greater visibility into distributed cloud environments by integrating AppDynamics and Thousand Eyes, enhancing Webex, improving security with passwordless authentication using Cisco Secure (Duo), and deliver an inclusive internet of the future with its silicon and optics.
Let’s take a closer look at some of these announcements:
Cisco Plus. Described as everything you already love about Cisco, Plus or It’s Cisco, Plus so much more. Increasingly organizations are looking to shift on-premises infrastructure, software, and services purchases from traditional perpetual licenses to as-a-service consumption-based models. ESG research highlights that almost half (48%) of respondents to this year’s Technology Spending Intentions survey would prefer a consumption-based model, and those numbers only increase if respondents are currently using cloud services or have a cloud-first strategy. The decision to create this was an easy one. Cisco needs to provide customers choice in how they consume on-premises solutions. The goal is to deliver all Cisco application, compute, network, observability, security, and storage offerings as a service with unified subscriptions that simplify consumption and use. Obviously, creating network-as-a-service will be a top priority, especially to support distributed cloud environments (on-prem, multiple public clouds, and edge locations). Expect NaaS-based SASE solutions later this year, but users in North America and select European countries can take advantage of the first offer, Cisco Plus Hybrid Cloud. Cisco also stated these services will be available via the CX cloud later this year as well. Cisco Gold Partners will play a key role in delivering these as-a-service offerings.
SASE. The secure access service edge framework has been gaining a lot of momentum and certainly a tremendous amount of buzz in the news lately. Given the highly distributed nature of modern business applications and workforces, it is well warranted. Cisco’s goal is to help simplify these complex, distributed environments by bundling core Cisco network and security offerings that cover the endpoint to the cloud into a single offer. This starter kit would include networking, remote access, cloud security, ZTNA, and observability solutions. Over time, Cisco will expand the functionality to provide DLP, RBI, and malware detection with Umbrella as well as simplify SD-WAN integration with major cloud providers and interconnects like Alibaba, AWS, Azure, GCP, and Megaport. Plus Cisco is planning on integrating ThousandEyes into their offering – delivering visibility into the internet itself for end-to-end visibility. Duo will be leveraged to deliver zero-trust network access. The bottom line here is that SASE is a rapidly evolving space, with plenty of confusion surrounding what is part of the framework. Cisco has done a nice job articulating what is included in their initial SASE architecture and has provided a clear roadmap to guide users on their SASE journey.
ThousandEyes, AppDynamics, & Cisco Switch Integration. With applications becoming distributed across on-premises data centers, multiple public clouds and edge locations, the ability to observe the connections to these applications is becoming increasingly important. The internet is now an integral part of the corporate network and organizations need to be able to quickly and efficiently determine what is causing an application performance problem that negatively impacts customer experience. By integrating ThousandEyes with App Dynamics, Cisco has extended the application path visibility from application (wherever it is) to the user device (wherever it is) to ensure positive customer experiences and simplify problem detection and resolution. The ThousandEyes Internet and Cloud Intelligence will be integrated with AppDynamics Dash Studio and Catalyst 9300 and 9400 series. This capability provides organizations with the ability to effectively manage applications in a distributed cloud environment and deliver optimized experiences.
These were just a few of the significant announcements made by Cisco to enable organizations to accelerate their digital transformations, enable the future of work (hint: it will be hybrid), and power an internet that will be inclusive for all. Not surprisingly, in addition to the technology innovation, Cisco remains committed to diversity and helping the community, and has been long before it was popular to do so. Chuck Robbins reported on their pledge to help one billion people globally by 2025 and he was able to report 527,000,000 people have already been helped. I wasn’t a math major, but that certainly sounds like they are ahead of schedule!
Moving forward, Cisco is focused on six pillars to enable organizations to thrive. They include:
- Delivering secure, agile networks
- Optimizing application experiences
- Enabling the future of work (hybrid)
- Building the internet for the future
- Enhancing capabilities at the edge
- Providing end-to-end security solutions
Many of the announcements this week mark the start of a journey, especially in regard to SASE, the inclusive internet, and delivering Cisco solutions as-a-service. I look forward to tracking their progress over the rest of this year. The programs are big and ambitious, something we have come to expect from an organization committed to imparting positive changes – for both technology and our community. To learn more about these announcements and many more, check out www.ciscolive.com.
-
In a recent briefing with George Crump, Chief Marketing Officer of StorONE, we learned about Seagate and StorONE’s latest offering that is designed to provide affordable high-performance and high-capacity storage solutions. The offering from StorONE, which became available in early March 2021 and features Seagate’s drives, was created specifically with a focus on databases, virtualization video surveillance, file, backup, and archive capability. -
Secure access service edge (SASE) has continued to garner significant interest in the market due to the need to ensure that security and networking strategies and technologies are aligned to better address the increasingly distributed nature of the modern enterprise. In this video, Bob Laliberte and I discuss some of the different vendor approaches to SASE, the balance between platforms and best-of-breed approaches, and the organizational issues users must consider with regards to SASE.
-
In my last blog post, I described how the market for eXtended Detection and Response (XDR) is evolving and how CISOs should approach this new and promising technology. It was good and useful information, if I do say so myself, but it didn’t directly address the question of why security professionals should care about XDR in the first place.The answer: Because XDR has the potential to accelerate threat detection/response while streamlining security operations.
-
In ESG’s 2021 Technology Spending Intentions Survey, when asked whether IT leadership has gotten any pressure from business executives to increase employee monitoring at any point stemming back to the outset of the pandemic, nearly half (48%) of senior IT decision makers responded in the affirmative.
Two-thirds of the respondents at these organizations cited productivity and/or security as the reasons behind the increased monitoring requests.
Work is no longer measured by the total number of hours logged in the office and has left some executives out of touch with their employees and teams. IT teams have a challenge on their hands as they walk the line between monitoring IT systems to deliver optimal user experiences and monitoring capabilities that track application usage, active device time, and the general productivity of users. IT professionals can help strike an ideal balance through insight and analytics that monitor user experience and proactively capture issues before they impact performance, productivity, and employee satisfaction.
This is a difficult topic for executives, IT pros, and employees. Stay tuned here as we research the current and planned state of businesses to help us all understand how employee insights are being used in meaningful ways.
-
The Influx of Digital Efforts
2020 was a challenging year for people and business alike. As we look to 2021 and the future, businesses have shifted and ramped up the focus on digital transformation initiatives. These initiatives are emerging from the need for a remote workforce and increased digital marketing and sales efforts, fueled in part by an influx in budget from reduced travel. This more digital mindset means more customers are looking online to experience everything from shopping to virtual travel to social events and more—and companies are scrambling to accelerate their digital transformation efforts to meet the need.
The responses from ESG’s 2021 Technology Spending Intentions Survey clearly show that budgets are being reallocated to support these digital initiatives. The data shows that 65% of organizations that have mature digital transformation initiatives will increase IT spending for 2021, with 60% of initiatives in early stages and 56% in planning only stages. This is compared to 27% of respondents with no digital transformation initiatives on their roadmap.
Overall, the data shows the year-over-year percentage increase in digital transformation initiatives for 2021 IT budget over 2020 as follows:
- Mature projects: 4.33% increase
- Early stage projects: 3.2% increase
- Planning projects: 2.05% increase year
Note that the percentages may seem negligible, but when considering the typical enterprise IT budget, it is significant.
The data also indicates that 59% of mature organizations are looking to move on-premises workloads to the public cloud in 2021 in an effort to support these initiatives. This is largely due to the increase in focus to adopt digital tools to optimize collaboration, increase operational efficiencies, and provide differentiated ways to connect with customers.
Driving Toward Results
In my brief on Public Cloud and Digital Initiatives for 2021, I analyzed the data from the Technology Spending survey and came away with a few essential takeaways.
- Nearly 75% of organizations report either having mature digital transformation initiatives or that they are currently implementing and executing various digital transformation initiatives.
- Business project teams may start by deploying in public clouds (or by adopting containers), then may seek the option to deploy across hybrid or multi-cloud environments.
The past six months have caused cloud users to push the accelerator even more. The maturity of these organizations also may be considered. Adding serverless and containers as part of the strategy is also a consideration in conjunction to co-exist in a heterogeneous environment with the public cloud.
The Proof Is in the Data
There is no mistake in the momentum of public cloud adoption. Digital transformation initiatives reap the benefits of the cloud, but they also need to leverage the existing business infrastructure. This is why application and infrastructure modernization is so critical to the success of future-focused businesses.
As you can see in the following chart, organizations are focused on driving operational efficiencies. But it’s important to also note that 25% of these businesses are developing entirely new business models. This paradigm shift will require a new way of interacting with existing, heritage systems such as databases, ERP, and other workloads. To bridge the gap, businesses will need to adapt with not only new resource skills to accommodate these new models, but also find new ways to interact with their customers through modernized front-end applications.
Next Steps for Businesses
Organizations will need to ask when and if the larger strategy drives digital initiatives to the public cloud. Business approaches, as well as the success, can vary based on the execution of the project, including: The go-to-market and routes-to-market, the impact to the existing business model and transition to the next, the ability of your internal resources to execute the new strategy, etc. These approaches should be considered prior to executing and pivoting the business into a new direction.
The bottom line is you need to continue to sell your products and services to the marketplace – but the traditional methodology of doing so is no longer a viable option. As your customer is forced to digitally transform, so are you. You can either embrace the new paradigm of digital marketing-based selling versus old school methods, or you will find that your competition will. Customers are not going to go back to relying on trade shows – they have already spoken loudly and clearly – sell to me the way I want to be sold to or get out of the way.
Clearly, business evolution is inevitable. Adopting current trends and new business models is a way to strengthen the way you connect with your customer base. For example, having the ability to deliver your offering in the cloud is expected from most clients and customers. This allows businesses to shift costs from a large initial investment to an operational investment based on how clients want to consume your offering.
Cloud does not necessarily mean you can stand up an offering on a new infrastructure. It also may define how your offering is built or modernized to take advantage of the new resources. For example, being cloud-resident is not often good enough. The offering should have the ability to leverage a modern, elastic infrastructure. Scale up, scale down, and scale out as appropriate.
Cloud-ready applications are moving up in cloud maturity but having a cloud-native ability allows the offering to take full advantage of the resources and infrastructure. Also, this ability makes the offering competitive and cost-effective by using fewer resources like serverless or containers for microservices.
Here are top key points from the respondents to the ESG’s 2021 Technology Spending Intentions survey:
- Public cloud infrastructure (including serverless) adoption has almost doubled in five years.
- Nearly half of organizations now have a cloud-first strategy.
- Nearly 8 in 10 remaining on-premises workloads will move to cloud candidates over the next five years.
These points support the importance of fully understanding the public cloud adoption for new digital initiatives.
In fact, business are sending far less people to shows or in-person meetings due to the pandemic but we find that this trend will continue and in-person events will become less popular. Business will rely on other sources of education and digital initiatives are driving towards these efforts.
The ESG’s 2021 Technology Spending Intentions survey indicates that the top two ways to gain customer confidence are product reviews and product evaluations.
- Product reviews: 45% of respondents find these most valuable
- Product evaluation/performance testing: 42% of respondents find these most valuable
Based on the survey data, this type of content is critical for potential buyers to learn about, research, and evaluate IT products and services. Providing this type of information this way will get the most traction for educating audiences.
Interested in learning more? Download my brief, Public Cloud and Digital Transformation Initiatives for 2021, to read more on this topic.
-
As the COVID-19 pandemic continues to be a challenge, businesses have shifted and ramped up focus on digital transformation initiatives. As such, the cloud promises greater operational efficiencies, collaboration, and customer experiences to accelerate this effort. This brief outlines how digital transformation initiatives continue to gain momentum with companies pursuing more aggressive public cloud spending and strategies.
-
ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.
This Master Survey Results presentation focuses on identifying the role of cybersecurity within the overall corporate mission and understanding the existing processes and communications between security managers, business executives, and corporate boards.
-
Threat detection and response is a core component of modern security programs, driving investment in tools to improve visibility, efficacy, and efficiency. As organizations commit to and extend EDR, NDR, or other security analytics solutions in support of broad threat detection and response programs, new opportunities arise for XDR. Organizations can increase business agility when threats are better understood and controlled. Rapidly and effectively correlating alerts across multiple threat vectors leads to increased threat visibility, more rapid and automated response and mitigation, and a reduced dependence on highly skilled security analysts.
-
Antiquated management philosophies that connected successful work with hours in an office are being proven to be erroneous. In fact, ESG’s 2021 Technology Spending Intentions Survey highlighted that 72% or organizations are becoming more pro-work-from-home and 44% of respondents would prefer to keep as many employees as possible working remotely as long as possible. As a result, we are seeing the pressure being turned on for IT pros who are being asked to increase employee monitoring.
Employee monitoring has always been a fine line for IT pros to participate in but executives see an opportunity as they look to:
- Support a surge in output.
- Enhance employee engagement levels.
- Maintain remote and flexible work.
As workforces become more distributed and business processes become increasingly digitized, it is more important than ever for companies to have detailed insights into their employees. While monitoring employees via technology interfaces does provide valuable insight into work habits and well-being, business executives must be careful to avoid the perception of spying. Businesses need solutions that address these needs while challenging models of the past to support a surge in output, enhance employee engagement levels, and maintain remote and flexible work.
This is a challenging message for businesses and the IT vendor community. As a result of the complex topic, ESG is launching initiatives so we can help IT pros, executives and the vendor community highlight the value of employee insights and contribute to improved user experience, enhanced security, and the overall greater good of employee well-being.
The topic of network and security convergence has been front and center in the industry over the last year. The line between networking and security continues to blur, with collaboration increasing across traditionally siloed IT functions and technologies used by these teams continuing to inch closer together. One of the more notable initiatives is secure access service edge (SASE), and both enterprises and vendors alike are now embarking on their SASE journey.
In a recent briefing with George Crump, Chief Marketing Officer of StorONE, we learned about Seagate and StorONE’s latest offering that is designed to provide affordable high-performance and high-capacity storage solutions. The offering from StorONE, which became available in early March 2021 and features Seagate’s drives, was created specifically with a focus on databases, virtualization video surveillance, file, backup, and archive capability.
In my last 
