Cybersecurity & Networking

  • If you are in the cybersecurity market, you’ve heard (or read) about the point tools problem hundreds or thousands of times. Enterprise organizations base their cybersecurity defenses on dozens of point tools from different vendors. These point tools don’t talk to one another, making it difficult to get a complete end-to-end picture for situational awareness. This also leads to tremendous operational overhead as the cybersecurity staff is called upon to act as the glue between disparate tools.

    (more…)

  • I had a terrific week at RSA, meeting and talking with many of the world’s leading endpoint security and application security vendors. Every year, RSA provides a unique opportunity to take a fresh look at new and existing vendors, through in-person meetings with technical and marketing leaders, and checking out messaging through booths, signage, and materials.

    (more…)

  • There was quite a bit of banter about boardroom cybersecurity actions at RSA Conference 2019. No surprise here, as business executives understand what’s at stake and are asking CISOs to provide more cyber risk data and metrics so they can work with them on intelligent risk mitigation strategies.

    (more…)

  • The Buzz at RSA Conference 2019

    Like many other cybersecurity professionals, I spent last week at RSA Conference 2019 in rainy San Francisco. Here are a few of my impressions:

    (more…)

  • The Convergence of Endpoint Security

    As adversaries continue to be more aggressive and more targeted in their attack techniques, security teams are continuously challenged to implement more comprehensive endpoint protection strategies to keep up. Next-generation security vendors like Carbon Black, CrowdStrike, and Cylance have set the agenda, delivering integrated prevention, detection, and response platforms leveraging the cloud and a single agent. Established endpoint players like Symantec, Trend Micro, and Sophos have quickly responded, delivering integrated solutions leveraging both cloud and a common agent. ESG research shows that 77% of companies surveyed plan to move to an integrated security suite with a preference towards a single vendor, with an even split between companies who are looking to next-gen providers and those looking to the large, established security players.

    (more…)

  • What to expect at the RSA Conference 2019

    I’ve attended the RSA Conference for the past 15 years, and things have changed quite a bit. The event has gone from a few thousand to around 50,000 attendees, leading to a confluence of humanity and traffic around the Moscone Center. Hotel room prices exceed $500 per night, even at some of the “boutique” (i.e., flea bag) hotels in and around Union Square. The RSA event has become the nexus where cybersecurity meets high-end capitalism.

    (more…)

  • In this video blog, ESG’s new principal analyst, Christina Richmond, and I preview what we expect to see at RSA Conference 2019. The scope and scale of RSA Conference continues to grow with adjunct events held by industry organizations such as the Cloud Security Alliance, vendors, and ESG with our own breakfast event. A few of the topics we expect to be front and center at this year’s RSA Conference include:

    (more…)

  • When I first entered the cybersecurity market in 2003, I’d already been working in the IT industry for about 16 years in storage, networking, and telecommunications previously. By the early 2000s, all three sectors had moved on from bits and bytes to focusing on how each technology could help organizations meet their business goals. Oh sure, we still talked speeds-and-feeds, but we led with things like business agility, productivity, and cost cutting. The technology was a means to an end rather than an end in itself.

    When I got to the cybersecurity industry, I was surprised by what I saw. Unlike other areas of IT, cybersecurity was still deep in the weeds, focused on things like IP packets, application protocols, and malicious code. In other words, cybersecurity remained a “bottom-up” discipline as the cybersecurity team viewed the world from networks and devices “up the stack” to applications and the business. (more…)

  • Thoughts on IBM Think and Cybersecurity

    I just got back from attending IBM Think in San Francisco. Though it was a quick trip across the country, I was inundated with IBM’s vision, covering topics from A (i.e., artificial intelligence) to Z (i.e., System Z) and everything in between.

    Despite the wide-ranging discussion, IBM’s main focus was on three areas: 1) Hybrid cloud, 2) Advanced analytics, and 3) Security. For example, IBM’s hybrid cloud discussion centered on digital transformation and leaned heavily on its Red Hat acquisition, while advanced analytics included artificial intelligence, cognitive computing (Watson), neural networks, etc. To demonstrate its capabilities in these areas, IBM paraded out customers like Geico, Hyundai Credit Corporation, and Santander Bank, who are betting on IBM for game-changing digital transformation projects. (more…)

  • A few years ago, cybersecurity professionals often lamented that executives didn’t want good security, they wanted “good enough” security. This axiom reflected that many CEOs equated cybersecurity with regulatory compliance. If the CISO could check all the right PCI, HIPAA, or SOX boxes, cybersecurity concerns were taken care of.

    The “good enough” security attitude was an aversion for the cybersecurity crowd. CISOs who wanted to adequately protect corporate assets longed for a time when business executives would truly appreciate cyber risk and would be willing to participate and fund cyber risk management efforts adequately. (more…)

  • Security Point Tools Problems

    At most enterprise organizations, cybersecurity infrastructure grew organically over time. The security team implemented each security control in response to a particular threat: antivirus software appeared on desktops, gateways were added to the network, sandboxes were deployed to detect malicious files, etc.

    As the security infrastructure grew over the past 10 or 15 years, most enterprises didn’t really have a security technology architecture or strategy at all. And this lack of a cohesive security technology strategy has translated into real problems. A recent ESG research survey illustrates some of the challenges associated with managing an assortment of security products from different vendors, including the following:

    • 27% of survey respondents (i.e., cybersecurity professionals) say that their security products generate high volumes of security alerts, making it difficult to prioritize and investigate security incidents. Thus, more security tools = more alerts = more work = more problems.
    • 27% of survey respondents say that each security technology demands its own management and operations, straining my organization’s resources. Other ESG research indicates that 51% of organizations have a problematic shortage of cybersecurity staff and skills, so there simply aren’t enough people for the necessary care and feeding of all these security tools.
    • 24% of survey respondents say that their organization needs different solutions for different infrastructure environments that are managed by separate teams, creating operational inefficiencies. In other words, they have security tools for data centers, endpoints, virtual servers, public cloud workloads, etc. Coordinating policy and control across these areas is no walk in the park.
    • 22% of survey respondents say the number of security technologies used at their organization makes security operations complex and time consuming. No surprise here.
    • 20% of survey respondents say that purchasing from a multitude of security vendors adds cost and purchasing complexity to the organization. So, just like security operations, purchasing efficiency and pricing is impacted by the number of security tools used.

    Too many security tools and not enough time to use them correctly is not a new problem, but I would say that the ramifications of this situation are growing increasingly worse all the time. This explains why CISOs are looking to consolidate and integrate their security infrastructure with platforms and architectures. 

    In the past, the security industry had a high population of best-of-breed point tools vendors, but the overall market is undergoing a profound change. The future of the security industry will be dominated by a few big vendors selling enterprise-class integrated solutions. 

  • Trends in Cloud Data Security

    ESG conducted a comprehensive online survey of IT and cybersecurity professionals from private- and public-sector midmarket (i.e., 100 to 999 employees) and enterprise (i.e., 1,000+ employees) organizations in North America (United States and Canada) between August 16, 2018 and September 6, 2018. To qualify for this survey, respondents were required to be IT/information security/risk management professionals responsible for evaluating and purchasing cloud security technology products and services.

    (more…)