Cybersecurity & Networking

  • Cybersecurity Vendor Consolidation Efforts

    Too many large organizations still anchor security to an army of disconnected point tools and rely on the cybersecurity staff to piece everything together. This strategy is ineffective, inefficient, and increases cyber-risk. CISOs have had enough as many are actively integrating cybersecurity technologies and consolidating the number of vendors with whom they do business. As this trend progresses, large organizations will buy a lot more of their cybersecurity technologies from a handful of vendors, which will tilt the market toward an emerging breed of enterprise-class cybersecurity vendors offering the right products, services, and partner ecosystems.


  • I’ve known Cybereason CSO Sam Curry for years, so it was a pleasure to lure him to Enterprise Strategy Group’s virtual studio for a SOAPA video. In part 1 of our 2-part series, Sam and I discuss:

    • Why EDR? Sam describes how, unlike SIEM, EDR is designed for one specific purpose – finding the bad guys. The best EDR solutions identify signals in all the noise, alert humans about malicious activities, and make it easy for them to take action.
    • EDR as part of SOAPA. While EDR monitors endpoints, SOAPA brings in telemetry from other sources, analyzes the data, and makes the data actionable. So, SOAPA takes the best aspects of EDR and supplements them.
    • EDR for “low and slow” attack detection. One of the knocks on EDR is that it looks at cybersecurity incidents on an endpoint-by-endpoint basis, thus missing APTs that slowly follow a kill chain attack pattern. Sam disputes this assertion, proclaiming that a good EDR system acts as a behavioral tracker and system of record that uses advanced analytics to stitch attacks together as they progress. The keys are data quality, analytics, and making the data intuitive and actionable.
    • SOAPA integration. SOAPA covers a lot of security technology domains so I ask Sam how Cybereason customers start building an architecture. Demonstrating his role as a CSO, Sam turns this question around to a business goal, insisting that users should focus on the results they want to achieve and then work backward to technology integration. Sam reminds the audience that the goals are coordinating humans and improving processes, not technology integration alone.

    I really think that Sam Curry could address cybersecurity issues in his sleep. Stay tuned for Part 2 of our SOAPA video.

  • Trends in Cloud Security: Putting the C in XDR

    Cloud security has reached a tipping point by virtue of the fact that both SaaS and internally developed cloud-native applications now perform business-critical functions. In turn, cloud security can no longer be a siloed discipline in which separate teams employ separate controls to secure separate environments. Fortunately, cloud security is starting to be mainstreamed – security teams are getting more involved in scrums and sprints, and many CIOs are creating and funding cross-functional cloud centers of excellence (CCoE). The maturation of cloud security programs, however, needs to include bringing cloud observability into the security operations center. It’s time to put the C in XDR.


  • Growing numbers of organizations are adopting modern application platforms, distributing and securing them across data centers and multiple public cloud environments. ESG conducted research to determine how those changes have impacted application delivery controller (ADC) deployments. The results indicate that organizations are expecting ADCs to evolve with emerging application and cloud technologies and deliver new capabilities that enable them to more efficiently manage, optimize, and secure their distributed environments.


  • Application Delivery Controller Trends

    ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

    This Master Survey Results presentation focuses on application delivery controller (ADC) trends, especially as organizations balance hybrid cloud and application development strategies.


  • With the edge adding to the complexity of IT, organizations need a simple, cost-effective solution to extract valuable insights from immense amounts of data and, at the same time, protect the business. Aruba’s recently announced AI-powered, unified edge services platform (ESP for short) incorporates intelligence and security, helping improve agility and network visibility, boosting security at the edge, and enhancing the user experience.


  • In late 2019 and early 2020, the Enterprise Strategy Group and the Information Systems Security Association (ISSA) conducted the fourth annual research project focused on the lives and experiences of cybersecurity professionals. This year’s report is based on data from a survey of 327 cybersecurity professionals and ISSA members. Ninety-two percent of survey respondents resided in North America, 4% came from Europe, 3% from Asia, and 1% from Central/South America.

  • As the global impact of COVID-19 manifested itself in the US in the middle of March, Enterprise Strategy Group and ISSA decided to conduct an in-depth survey in April 2020 of 364 cybersecurity and IT professionals from the global ISSA member list. The study was a point in time assessment of challenges posed by the pandemic. It is likely that challenges and solutions will continue to evolve over the next few years.

  • ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

    This Master Survey Results presentation focuses on modern network security challenges, plans, and strategies as organizations look to cloud-delivered solutions that provide centralized management and distributed enforcement.


  • Trends in Endpoint Security

    ESG conducted an in-depth survey of 380 IT and cybersecurity professionals responsible for evaluating, purchasing, and managing endpoint security products, processes, and services. Survey participants represented midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America (United States and Canada).

    Survey participants represented a wide range of industries including manufacturing, financial services, healthcare, communications and media, retail, government, and business services. For more details, please see the Research Methodology and Respondent Demographics sections of this report.


  • Network security at the perimeter has remained predominantly appliance-centric, despite the acceleration of cloud-delivered solutions in other parts of the stack. That is set to change as organizations look for stronger protection, improved performance, and a more consistent model across the increasingly distributed enterprise environment. Elastic cloud gateways are seeing significant interest as an approach to meet these business requirements through a converged, cloud-delivered network security architecture.


  • The first blog I wrote about elastic cloud gateways prior to Black Hat 2019 referenced next-generation firewalls relative to the shift to application-centric, Layer 7 scanning, and the massive impact that had on the network security market. What I didn’t appreciate at the time is how similar the trajectory of the two spaces would be. In the 10 months since Black Hat, we’ve witnessed a massive amount of momentum in this area. In fact, recently completed ESG research on elastic cloud gateways found that 94% of organizations reported usage of, or some level of interest in, these types of solutions. With secure access services edge (SASE) having become common terminology within the network security space, I’m often asked what the difference is between ECG and SASE. The fact is, there are many more similarities than differences; however, the differences that do exist are important.
