Jon Oltsik

Author Archives: Jon Oltsik

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company.

The good news for both companies is that the market for cybersecurity products and services is quite healthy, and large customers are looking for enterprise-class security vendors with integrated product suites, managed/professional services, and business process experience to partner with. Cybersecurity vendors like Cisco and IBM that fit this description are doing quite well in the enterprise so McAfee and RSA (as well as Forcepoint, Palo Alto Networks, Symantec, Trend Micro, and a few others) could join this exclusive club.

VMworld: My Cybersecurity-Centric Impressions

In my last blog, I wrote about what I was anticipating as far as cybersecurity for VMworld. Now that I’m back from Vegas, it’s time for me to report on how reality aligned with my expectations.

1. NSX penetration. It seems like VMware has made progress in terms of NSX market penetration over the past year. At VMworld 2015, VMware talked about around 1,000 production environments for NSX while at VMworld 2016, VMware mentioned somewhere between 1,700 to 2,000 production NSX customers. Still a small percentage of the total VMware installed base but at least 70% growth year-over-year. Yes, some of these customers are likely just getting started or are using NSX on an extremely limited basis, but I still see good progress happening as more and more organizations begin playing with and using NSX. VMware describes three primary uses for NSX: Disaster recovery, security, and network operations automation. It is worth noting that around 60% to 70% of NSX deployment is skewed toward security use cases.

Cybersecurity and VMworld

With memories of Black Hat still in my head, I’m back in Las Vegas for VMworld. I’m sure there will be plenty of generic VMware and partner announcements but I’m here to assess how VMware is addressing enterprise security requirements with its technologies and partner relationships. I will be focusing on a few key areas:

1. NSX penetration. Last year, VMware talked a lot about emerging demand for NSX but I’ve seen a lot of momentum over the past 12 months. From a security perspective, large organizations adopt NSX to do a better job of segmenting workloads and network traffic, as well as network security operations. I’m interested to see how VMware security use cases are maturing and how VMware customers are moving toward building additional security controls and monitoring on top of NSX capabilities.

The Need for Network Security Operations Automation

According to ESG research, 63% of networking and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe that network security operations is more difficult today than it was two years ago (note: I am an ESG employee). Why? Because enterprises have to deal with more connected devices, network traffic, and applications than two years ago. What’s more, 47% of respondents claim that it is difficult to monitor network behavior from end-to-end while 41% claim that network security operations difficulties result from increasing use of cloud computing.

Yup, enterprise networks are a series of moving parts and these parts continue to move faster and faster all the time. You just can’t keep up with the pace with limited cybersecurity and network operations personnel, and you certainly can’t keep up by managing network security operations on a box-by-box, CLI-by-CLI basis.

The need for network security operations automation

According to ESG research, 63 percent of networking and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe network security operations is more difficult today than it was two years ago. Why? Because enterprises have to deal with more connected devices, network traffic and applications than two years ago.

What’s more, 47 percent of respondents claim that it is difficult to monitor network behavior from end to end, while 41 percent say network security operations difficulties result from increasing use of cloud computing.

More on Operationalizing Threat Intelligence

Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber-threats. Overall malware volume is down but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97% of all malware variants are seen only one time. In other words, they are designed to target and attack specific organizations.

Yes, enterprise organizations are bolstering defenses with anti-malware gateways and next-generation endpoint security tools but they are also doubling down on threat intelligence. According to ESG research, 27% of enterprise organizations plan to spend significantly more on their threat intelligence programs over the next 12 to 18 months while another 45% say they will spend somewhat more on their threat intelligence programs during this same timeframe (note: I am an ESG employee).

More on operationalizing threat intelligence

Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber threats. Overall malware volume is down, but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97 percent of all malware variants are seen only one time. In other words, they are designed to target and attack specific organizations.

Yes, enterprise organizations are bolstering defenses with anti-malware gateways and next-generation endpoint security tools, but they are also doubling down on threat intelligence. According to ESG research, 27 percent of enterprise organizations plan to spend significantly more on their threat intelligence programs over the next 12 to 18 months, while another 45 percent say they will spend somewhat more on their threat intelligence programs during this same timeframe.

CISO Portfolio Management

Enterprise CISOs are in an unenviable position. Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets. At the same time however, most organizations are operating with a shortage of skilled cybersecurity professionals. According to ESG research, 46% of organizations claim that they have a “problematic shortage” of cybersecurity skills in 2016 (note: I am an ESG employee).

In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers. Faced with today’s overwhelming responsibilities however, many CISOs I’ve spoken with lately say they’ve changed their tunes and have adopted more of a portfolio management approach to their jobs.

CISOs adopt a portfolio management approach for cybersecurity

Enterprise CISOs are in an unenviable position. Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets. At the same time, however, most organizations are operating with a shortage of skilled cybersecurity professionals. According to ESG research, 46 percent of organizations claim they have a “problematic shortage” of cybersecurity skills in 2016.

In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers. Faced with today’s overwhelming responsibilities, however, many CISOs I’ve spoken with lately say they’ve changed their tune and have adopted more of a portfolio management approach to their jobs.

A Few Thoughts from Black Hat 2016

Last week’s Black Hat 2016 conference was a whirlwind of activity. Here’s a few of my takeaways:

1. I kind of like Black Hat better than the RSA Conference. At Black Hat, you talk about the real challenges facing our industry and discuss intellectual ways to overcome them. At RSA, everyone throws buzz words at you and tells you how they solve all your problems. And maybe it’s because RSA is in San Francisco, but you can always count on the Sand Hill Rd. crowd to show up at RSA and let you know how rich they’ve become protecting all of our sensitive data. Black Hat is whiskey and grit, RSA is Merlot and PR messaging. In other words, the folks who really know, live, and fight for cybersecurity are in Vegas while those looking to make money on cybersecurity are at RSA.

Anticipating Black Hat

I was at CiscoLive a few weeks ago in the 100 degree+ heat of Las Vegas and like other cybersecurity professionals I am off to Sin City again next week for Black Hat.

Now Black Hat has become a technically-focused little brother of the RSA Security Conference, chock full of cybersecurity geeks at the beginning of the week and forensic investigators, researchers, analysts, and hackers as Black Hat turns to Defcon. Given this focus, I’m looking forward to hearing about a number of things including:

1. Anti-ransomware fact and hyperbole. Last December, I predicted a rise in ransomware in my blog, even going so far to talk about enterprise ransomware that impacted multiple systems on the network simultaneously. Unfortunately, I was right about this one as ransomware has become a cybersecurity scourge of 2016. Nasty stuff and once you’re hit, there is little you can do except replace the hard drive, reimage systems and hope you’ve done a recent full backup. Alternatively, you can pony up a bunch of rubles to Vladimir in Odessa. Nevertheless, there are in fact ways to prevent ransomware before it bricks your system. New types of

Russian DNC Hack – A Cybersecurity Microcosm

According to ESG research, 31% of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe the threat landscape is much worse today than it was 2 years ago while another 36% say the threat landscape is somewhat worse today than it was 2 years ago (note: I am an ESG employee).

Why the cynicism? Look no further than the Russian hack of the DNC as this particular data breach is a microcosm of cybersecurity at large. This one incident illustrates a few important points:

1. All data is at risk. Way back when, state-sponsored cyber-attacks were government-on-government affairs, typically focused on military and intelligence. The cyber-theft of design documents for the F-22 and F-35 are perfect examples here. Unfortunately, state-sponsored attacks have gone beyond spooks and soldiers. China went after the NY Times, North Korea breached Sony Pictures, and Russia blew the lid off the DNC. When matched against sophisticated state-sponsored actors, pedestrian cybersecurity defenders are simply fighting out of their weight class.

Russian DNC hack – A cybersecurity microcosm

According to ESG research, 31 percent of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe the threat landscape is much worse today than it was two years ago, while another 36 percent say the threat landscape is somewhat worse today than it was two years ago.

Why the cynicism? Look no further than the Russian hack of the DNC as this particular data breach is a microcosm of cybersecurity at large. This one incident illustrates a few important points:

All data is at risk. Way back when, state-sponsored cyber attacks were government-on-government affairs, typically focused on military and intelligence. The cyber theft of design documents for the F-22 and F-35 are perfect examples here. Unfortunately, state-sponsored attacks have gone beyond spooks and soldiers. China went after The New York Times, North Korea breached Sony Pictures, and Russia blew the lid off the DNC. When matched against sophisticated state-sponsored actors, pedestrian cybersecurity defenders are simply fighting out of their weight class.

The list of adversaries continues to grow. Beyond China, North Korea and Russia, it’s fair to add Iran, the Syrian Electronic Army, and dozens of other countries investing in offensive cyber operations. There are

Cybersecurity: A vertical industry application?

Cybersecurity has always been a horizontal technology practice that’s roughly the same across all industry sectors. Yes, some industries have different regulations, use cases or business processes that demand specific security controls, but overall every company needs things like firewalls, IDS/IPS, threat management gateways and antivirus software regardless.

Generic security requirements will remain forever, but I see a burgeoning trend transforming cybersecurity from a set of horizontal technologies to a vertical industry application. These drivers include:

Increasing business focus on cybersecurity. While it sounds like industry hype, cybersecurity has actually become a boardroom issue and corporate boards understand industry-specific risks much better than technology gibberish about malware and exploits. To accommodate these corporate executives, CISOs will need communications skills, as well as tools and technologies that help translate cybersecurity data into meaningful industry and corporate risk intelligence that can drive investment and decision making. Security intelligence vendors like BitSight and SecurityScorecard are already exploiting this need, offering industry-centric cybersecurity metrics for business use.

CISO progression. The present generation of CISOs grew up through the ranks of IT and security with career development responsibilities such as network operations and firewall administration. Yes, the next generation of CISOs will still need some
