As a top investment priority for security organizations, detection and response programs are entering a significant transition as attack surface expansion and threat complexity drive the need for more comprehensive visibility, detection, and response. The extended detection and response (XDR) movement has spawned a plethora of new solution offerings capable of detecting advanced threats by aggregating, correlating, and analyzing telemetry from endpoints, networks, the cloud, and identities together with a new level of more extensive threat intelligence. What impact – if any – do IT and cybersecurity teams anticipate XDR having on their current endpoint detection and response (EDR) solutions?
Cybersecurity & Networking
-
-
As expanding device diversity, zero trust, and extended detection and response initiatives drive organizations to reassess endpoint security solution investments, security teams are looking to replace existing tools with more capable, converged platforms. Significant advances in Microsoft’s native endpoint security prevention, detection, and response capabilities, together with attractive bundling and pricing options, have propelled a meteoric rise in the popularity of Microsoft Defender for Endpoint over the past two years. While many intend to use Defender as a core component within their endpoint security arsenal, many still plan to supplement, potentially spawning a new opportunity for other security providers to deliver specialized add-on solutions.
-
We’re excited to highlight Elizabeth Gossell for our second Women in Cybersecurity interview. Liz is the Principal Security Analyst for Danaher Corporation, a global science and technology conglomerate with subsidiaries operating across different market segments, including life sciences, diagnostics, and water. The company is no stranger to mergers and acquisitions, as it acquires roughly 10 companies each year. In this video interview, Liz speaks with Enterprise Strategy Group Sr. Analyst Melinda Marks about the evolving security challenges that come with M&A efforts, scaling, and sprawl, such as maintaining security consistency across all the organizations, and working quickly to secure new acquisitions.
Liz also describes her many years of experience in the space, starting with an internship in cybersecurity years ago and working at Lockheed Martin and Tenable, where she originally met Melinda. “I’m a problem solver by nature,” said Liz, who is excited by the breadth and complexity of the challenges across cybersecurity, as well as the opportunity to put both her technical and non-technical skills into action to find a solution.
Elizabeth is passionate about solving problems in new ways, by uniting a diverse group of people with different perspective, ideas, and skill sets. She encourages women to self-advocate, set boundaries, and ask for the opportunities they want to pursue, “Taking the reins of your career development early and being a strong advocate for yourself is absolutely critical.”
Be sure to check out her story, and learn more about Liz and Danaher Corporation:
- LinkedIn: https://www.linkedin.com/in/lizgossell/
- Information about Danaher: https://www.danaher.com/our-businesses
Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Elizabeth, and join us to hear more inspiring stories in future episodes!
-
Secure access service edge (SASE) offers opportunities for both networking and security, but in most organizations the security and networking teams still operate independently. This independence means enterprise strategies for pursuing SASE may often be focused either on networking or security. It should be noted, however, that some organizations are starting with a converged approach. Depending on who is leading the SASE initiative, priorities may differ. This brief will focus on the nearly one-third of organizations taking a network-focused approach to SASE implementation.
-
Secure access service edge (SASE) frameworks are increasingly gaining interest with enterprise customers. The deployment of these services presents an opportunity to switch from perpetual licensing or even subscription licensing to delivering SASE as a managed service. The success of SD-WAN, a major component of a SASE framework, is certainly a driver for consuming SASE as a managed service as well. Organizations need to understand how managed service providers are delivering SASE, especially the ability to manage on-premises and cloud offerings.
-
Automation of network management, often through artificial intelligence and machine learning, holds great potential for helping businesses keep pace with rapidly expanding and complex distributed networks. But most organizations are reluctant to hand over all responsibility to intelligent systems. Change management to overcome AI skepticism, as well as gaining more experience using AI/ML, will build confidence and help drive adoption.
-
In our very first interview, we’re proud to spotlight Vandana Verma Sehgal. Vandana is the Chair of the Board of Directors for the OWASP (Open Web Application Security Project) Foundation. The non-profit foundation works to improve application security, organizing projects, tools, documents, forums, and chapters all over the world. Vandana is also passionate about initiatives to bring more diversity to cybersecurity.
Vandana has also been active in bringing more diversity to infosec. She said that she was used to being the only woman; women weren’t usually offered the night shift for her security operations team. Sure, cybersecurity is a niche skill, but she said it’s also a very male-dominated culture. Vendana is passionate about changing that. She started InfosecGirls to create a safe place for girls to learn about cybersecurity, collaborating with colleges to help women gain the technical training and skills to join our field.
Be sure to check out her story as well as some resources she has provided:
- Learn more about Vandana and her many activities at https://infosecvandana.com/
- Learn about and get involved with InfosecGirls
- Learn about her InfosecDiversity project to bring more diversity to the field
- Check out her video trainings and more great information
Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Vandana.
We’re thrilled to kick off our Women in Cybersecurity series with this interview, and hope you’ll join us to hear more inspiring stories in future episodes!
-
When it comes to their 2022 spending on networking products and services, enterprises express strong interest in using advanced technologies such as AI and cloud-based management tools to modernize their networks.
-
IT spending is accelerating in 2022, and cybersecurity initiatives are leading the charge as enterprises race to digitally transform and satisfy heightened customer expectations while simultaneously securing hybrid workforces. Among the top cybersecurity areas targeted for increased spending are cloud security, data security, network security, and endpoint security—indicative of a more holistic approach to cybersecurity investments. Although organizations face a range of cyber-threats, ransomware continues to be among the most challenging attack types, making ransomware readiness a top business priority that’s prompting senior leaders to participate in ransomware strategies.
-
This month as we observe Women’s History Month to celebrate the vital role of women in history, I’m excited to kick off our new series on Women in Cybersecurity. I’m excited about this program to connect women in the industry, and to spotlight their stories, with the hope to increase representation and encourage women in the field. -
With the move to modern software development, we’ve been talking about shifting security responsibilities left to developers so that security is not a bottleneck. But do developers care about security? Watch this video with me and my colleague Rob Strechay to learn about how developers think about security, what kinds of tools are available from cloud security providers, and how security vendors are working with the cloud providers to secure cloud-native applications.
-
Disjointed tools and manual processes are creating an unacceptable level of cyber-risk for many organizations.
See the data behind these trends and more with this Enterprise Strategy Group Infographic, Security Hygiene and Posture Management.
For more information or to discuss these findings with an analyst, please contact us.
This month as we observe Women’s History Month to celebrate the vital role of women in history, I’m excited to kick off our new series on Women in Cybersecurity. I’m excited about this program to connect women in the industry, and to spotlight their stories, with the hope to increase representation and encourage women in the field.