When it comes to their 2022 spending on networking products and services, enterprises express strong interest in using advanced technologies such as AI and cloud-based management tools to modernize their networks.
IT spending is accelerating in 2022, and cybersecurity initiatives are leading the charge as enterprises race to digitally transform and satisfy heightened customer expectations while simultaneously securing hybrid workforces. Among the top cybersecurity areas targeted for increased spending are cloud security, data security, network security, and endpoint security—indicative of a more holistic approach to cybersecurity investments. Although organizations face a range of cyber-threats, ransomware continues to be among the most challenging attack types, making ransomware readiness a top business priority that’s prompting senior leaders to participate in ransomware strategies.
This month, as we observe Women’s History Month to celebrate the vital role of women in history, I’m excited to kick off our new series on Women in Cybersecurity. I’m excited about this program to connect women in the industry, and to spotlight their stories, with the hope of increasing representation and encouraging women in the field.
With the move to modern software development, we’ve been talking about shifting security responsibilities left to developers so that security is not a bottleneck. But do developers care about security? Watch this video with me and my colleague Rob Strechay to learn about how developers think about security, what kinds of tools are available from cloud security providers, and how security vendors are working with the cloud providers to secure cloud-native applications.
Disjointed tools and manual processes are creating an unacceptable level of cyber-risk for many organizations.
See the data behind these trends and more with this Enterprise Strategy Group Infographic, Security Hygiene and Posture Management.
Developers are increasingly using infrastructure as code (IaC), such as Terraform and CloudFormation, to provision their own cloud infrastructure for faster development cycles. As IaC brings unprecedented ease and speed for self-service infrastructure provisioning, there is a high chance for mistakes and misconfigurations as development teams grow.
ESG conducted a comprehensive online survey of IT and cybersecurity professionals from private- and public-sector organizations in North America (United States and Canada) between August 3, 2021 and August 14, 2021. To qualify for this survey, respondents were required to be IT and cybersecurity professionals responsible for evaluating, purchasing, and utilizing products and services for security hygiene and posture management (i.e., vulnerability management, asset management, attack surface management, security testing tools, etc.).
This Complete Survey Results presentation focuses on security posture management strategies today, including how organizations are addressing challenges and improving programs, how security and IT operations teams cooperate on all security posture management activities, and priorities associated with security posture management in the coming 12-18 months.
Security posture management challenges are driven by the growing attack surface. Organizations have accelerated cloud computing initiatives and have been forced to support a growing population of remote users because of the pandemic. Firms are also deploying new types of devices as part of digital transformation initiatives, further exacerbating the growing attack surface, which leads to management challenges, vulnerabilities, and potential system compromises. Meanwhile, security teams are also concerned about recent cybersecurity issues including MS Exchange vulnerabilities, the SolarWinds hack, and the recent Log4j zero-day flaw. As a result, organizations are further assessing security posture management processes, examining vendor risk management requirements, and testing security more frequently.
When April Fool’s Day comes around each year, it’s human nature to be a little more on-edge than usual. Your guard is up, and you can’t completely trust anyone (even your closest friends and family). So, for the whole day, you take extra precautions, carefully opening the present your friend just “wanted to drop by,” and not believing there’s “cake in the break room” until it’s fact checked. While it’s fun to dedicate one day per year to April Fool’s Day, organizations of all industries must take these precautions… every day of the year. Cyber criminals are looking for a way to break through security defenses 24/7/365, so organizations must also remain on the clock, working to protect their most critical assets. But when it comes to cyberattacks and protecting your data, the stakes are much higher than whether the cake in the break room is real or not.
It’s easy to want to trust those around you – and the majority of people (I believe) do have good intentions for the most part! But, unfortunately, the increasing complexity of enterprise environments, coupled with the evolution of the threat landscape means that organizations must be much more judicious in how they assess trust. For this reason, many have begun to implement principles in support of a zero trust security strategy. Zero trust is exactly as it sounds – organizations should not inherently trust any user, device, or entity. Instead, they should function as if cyber criminals already have access to the corporate network and resources. While in the past, security may have been focused on establishing a defined perimeter inside which trust was inherently assumed, zero trust today requires an all-encompassing approach to continually evaluate, authorize, and authenticate every network transaction based on the risk it poses.
ESG research revealed that 36% of survey respondents’ organizations experienced probing ransomware attacks on at least a monthly basis over the past 12 months.[1] Many organizations experience these daily. So what are organizations doing about this? 82% of surveyed organizations planned to increase spending on technologies, services, and personnel supporting zero trust in the next 12-18 months, and for those who had already adopted zero trust strategies, 84% believed them to be successful.[2] This is clearly an area of investment for organizations, and it seems to be paying off for the earlier adopters.
While it may be difficult to trust others when it comes to cybersecurity and cyber-attacks, the objective of ESG Validation reports is to provide an independent, trustworthy perspective of solutions so that IT decision makers can make better business decisions and find the best solutions for their needs. Check out this recent zero trust-related validation report: Google BeyondCorp Enterprise.
Enterprise Strategy Group (ESG) is an IT analyst, research, validation, and strategy firm that gives the global IT community access to market intelligence and actionable insight. The Validation Team creates assets such as Validation reports, videos, webinars, and more, that help to communicate the technological and economic value of IT products and solutions.
[1] Complete Survey Results: 2022 Technology Spending Intentions Survey Nov 24, 2021
[2] Research Report: The State of Zero-trust Security Strategies Apr 12, 2021
Interest in secure access service edge (SASE) architectures has exploded as IT organizations struggle using traditional solutions to support distributed enterprise environments.
Learn more about this important transition with this Enterprise Strategy Group Infographic, 2021 SASE Trends.
To better secure their growing attack surface, IT and security teams are thinking differently about endpoint security platforms.
Learn more about this shifting market with the Enterprise Strategy Group Infographic, Endpoint Security Trends.
The amount of interest in secure access service edge (SASE) architectures has exploded over the last 18 months. Organizations struggle using traditional, on-premises-based network and security solutions to support distributed, cloud-centric enterprise environments. While this has been an increasing challenge over the last few years, the pandemic and resulting spike in newly remote workers pushed many organizations to a tipping point. At the same time, the broad applicability of SASE leads to some confusion about where to begin and which technologies are required, exacerbated by legacy organizational dynamics.