Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • Ten Take-Aways from the Splunk User Conference

    I spent the early part of this week in Orlando, attending Splunk .Conf 2018.  Here are a few of my take-aways:
    Splunk articulated a vision of security analytics/operations for 2020 that included 10 areas:

    Data ingestion. Collecting and processing a growing body of security telemetry.
    Detection.  Finding and blocking known threats.
    Prediction.  Using advanced analytics to identify new attacks and then spreading the warning around to all connected customers.
    Automation.  Automate all pedestrian tasks and accelerate more complex tasks.
    Orchestration.  Use APIs to connect security controls together for investigations and remediation actions.
    Recommendation.  Monitor and record security operations and then recommend proven actions to the SOC team.
    Investigation.  Provide intuitive tools to figure out what cyber-attacks are happening and why they are happening.
    Collaboration.  Offer a workbench for security operations while connecting to collaboration tools like Slack.
    Case management. Deliver a security-centric tracking system that spans security incident management lifecycles. 
    Reporting.  Providing a central place to measure all aspects of reporting.



    I would add integration (i.e. SOAPA functionality for data management services, software services, etc.) and outsourcing (i.e. choosing which security operations tasks to delegate to partners), but Splunk’s list is pretty complete.
  • Cloudy future for security analytics

    When you think of security analytics and operations, one technology tends to come to mind — security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk. SIEM has greatly improved over the last 16 years, but the underlying architecture remains similar. SIEM is composed of a data management layer designed to collect and process raw security data. Once the data is processed, it becomes available for upper layers of the stack for data analysis and actions like automated/orchestrated processes.
  • Form Factor Wars: Cloud-based or On-premises Security Technologies?

    Cybersecurity professionals are paid to be paranoid and tend to want to control everything they can to minimize surprises or third-party dependencies.  This has always been the case with regards to security technology.  Historically, CISOs mistrusted managed services, preferring instead to “own” the deployment and operations associated with their security technologies. While cultural attitudes toward security control remain today, demand- and supply-side changes are influencing new security technology decisions. On the demand-side, CISOs are coping with a global cybersecurity skills shortage.  According to research from ESG and the Information Systems Security Association (ISSA), the skills shortage has an impact on around 70% of organizations, increasing the workload on security teams, forcing them to focus the bulk of their attention on high priority alerts only.  This means that while CISOs may want to “own” everything, they don’t have the resources to do so.
  • 5 biggest cybersecurity challenges at smaller organizations

    Hello, dedicated readers! My blog is back from a restful week’s vacation on Cape Cod and ready to tackle the falling leaves, changing temperatures, and cybersecurity issues of autumn. Back in August, I wrote a few blog posts about cybersecurity trends in small and mid-sized organizations (i.e. between 50 and 499 employees). The first blog post looked at the state of cybersecurity at SMBs, and the second post examined what SMBs are doing to address these issues.
  • CISOs recommend future actions for their organizations

    Each year, ESG conducts a research project with the Information Systems Security Association (ISSA) on the mindset of cybersecurity professionals. (The 2017 report is available here.) As part of last year’s research, we asked respondents to identify the top actions their organizations should take in the future to improve cybersecurity. We then looked at this data based upon respondents’ roles, so we could look at the specific recommendations from CISOs (or other titles with equivalent job descriptions).
  • The most important attributes of a cybersecurity platform

    We’ve seen an ongoing cybersecurity technology trend that goes something like this:
    Enterprise organizations address cybersecurity using disconnected point tools. This strategy is no longer adequate, as it impacts security efficacy and adds operational overhead.
    Security teams address these problems by consolidating and integrating the security tools they use. Many are building security technology architectures a la SOAPA (i.e. security operations and analytics platform architecture).
    Seeing this trend in process, security technology vendors push internal development teams to integrate point tools across their portfolio. They then pitch integrated security "platforms" to customers.

    This story has been unfolding for many years and is now reaching a climax. According to ESG research, 62% of enterprise organizations are now willing to buy a majority of security technologies from a single vendor. (Note: I am an employee of ESG.)
  • The Transition Toward Enterprise-class cybersecurity Vendors

    Recently, ESG completed its second annual enterprise-class cybersecurity vendor research.  The story behind this project goes something like this: Enterprise organizations (i.e. those with 1,000 employees or more) have too many point tools and are now engaged in projects to integrate security technologies while eliminating some tools and vendors along the way. This sets up a security market where enterprises buy more products from fewer vendors, and this will have a big market impact – fewer transactions, more large deals, longer sales cycles, increased CISO oversight over procurement, intense competition, etc. I realize that this is antithetical to the way the security industry has always worked in the past when large organizations bought best-of-breed technologies for every layer of a defense-in-depth architecture.  The data indicates that this historical mindset is changing however – 62% of survey respondents say that their organization would now consider buying a majority of its security technologies (as well as managed security services) from a single enterprise-class cybersecurity vendor.
  • What Are Small Organizations Doing About Cybersecurity?

    Last week, I published a blog on the state of cybersecurity at small organizations.  As a review, two-thirds of firms with 50 to 499 employees have experienced at least one cybersecurity incident over the past few years, leading to lost productivity and business disruptions.  Survey respondents claim that the biggest contributing factors to these cybersecurity incidents included human error, a lack of knowledge about cyber risk, and new IT initiatives lacking proper cybersecurity oversight. Based upon this data, many small organizations don’t have the skills, staff, or cybersecurity infrastructure to keep up with the threat landscape.
  • The state of cybersecurity at small organizations

    ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e. 50 to 499 employees) in North America. As you can imagine, these firms tend to have a small staff responsible for cybersecurity and IT, reporting to business management rather than CIOs or CISOs. (Note: I am an employee of ESG.) How are these firms doing with cybersecurity? Not so good. Two-thirds of the organizations surveyed experienced at least one cybersecurity incident (i.e. system compromise, malware incident, DDoS, targeted phishing attack, data breach, etc.) over the past two years.
  • Take-aways from Black Hat USA 2018

    I’m not sure how many people attended Black Hat in Las Vegas last week, but it surely felt like a record crowd.  Optimistic attendees lauded the show for its threat research and focus on cybersecurity skills while skeptics bemoaned Black Hat changes, disparagingly referring to the show as ‘RSA in the desert.’ As for yours truly, my week was educational, albeit exhausting.  I started early by participating in the CISO Summit on Tuesday where I hosted a panel on AI and machine learning in cybersecurity.  My week ended with a Thursday dinner brainstorming session on cybersecurity operations.  There were dozens of formal and informal meetings in between.
