Talking Cloud Cybersecurity…

In this discussion, part of ESG’s ongoing 360 Video Series, Doug Cahill talks about not just the intricacies of cloud security – both of applications for Saas models and of infrastructure for IaaS – but also the opportunities that doing cloud security well can afford a business. It’s not simply a matter of ever more “padlocks on doors” but rather is a matter of making cloud security part of an integrated process; this is especially crucial when so many organizations are essentially [at least to some degree] software developers, using approaches such as hybrid models and containers that can potentially expand the threat landscape if not pre-handled. IT has probably never been more complex and demanding than today: even as approaches such as convergence, myriad clouds, containers, and software-definition (etc.) seek to make operations simpler, so to a degree such elements can also obfuscate some of the underlying subtleties and opportunities of the foundational components. After all, while it’s great to focus on purchasing – for instance – application service levels or business outcomes, some understanding of the IT elements (and considerations or choices) that contribute to those is also often useful. That is the purpose of this video discussion series: it offers ESG’s subject matter experts discussing some of the key trends, drivers, and considerations across various IT areas. We aim to do it succinctly and to deliver it in engaging, plain English – while also tying each technology area back to its eventual potential to positively impact both IT and business results. To read the complete article, CLICK...

Read More

Cloud Security Will… Dominate the RSA Conference

Just a few days left before this year’s RSA Conference in San Francisco and everything points to a crazy week at the Moscone Center. I’ve heard that around 50,000 people will attend and that the Moscone Center is a mess of construction right now, so just getting in and out of the buildings may be difficult. Now, I’ve written a lot lately about my outlook for RSA as I expect a lot of banter around endpoint security, machine learning, security operations automation and orchestration, threat intelligence, risk management, etc. Yup, there will be a smorgasbord of topics throughout the week, but cloud security will dominate this year’s RSA Conference. Why the focus on cloud security? Because today’s messy situation is a mismatch for the importance and pace of adoption of cloud computing. Here at ESG we’ve been tracking cloud security, led by my colleague and cloud security guru Doug Cahill. Here’s a brief synopsis of the cloud security landscape today: To read the complete article, CLICK...

Read More

What’s Holding Back Enterprise Security…

Last week, I wrote a blog about the rapid cycle of innovation happening with security technologies today – I’ve never experienced a time when every element of the security stack is transforming. New security technologies are arriving at an opportune time. According to ESG research, 69% have increased their cybersecurity budgets in 2017 and my guess is that they will continue to increase investment in 2018. And when asked which BUSINESS initiatives will drive the most IT spending, 39% of organizations responded, “increasing cybersecurity protection.” This means that business executives are buying into the need for cybersecurity improvements all around. So, it seems like transformative security technologies are arriving at the right place and time, right? Not so fast. Many of the technology changes I wrote about last week remain in their genesis stage and haven’t been deployed yet for several reasons including: To read the complete article, CLICK...

Read More

Phased Process for Cloud Security

My colleague Doug Cahill and I have been following the development of cloud security for the past few years. What we’ve noticed is that many organizations tend to track through a pattern of actions as their organization embraces public cloud computing. The sequence goes through the following order: To read the complete article, CLICK...

Read More

Cybersecurity Remains an Elusive Business Priority

I’ve been remiss by not blogging earlier this year about ESG’s annual IT spending intentions research. The year 2017 continues to follow a pattern—cybersecurity is a high business and IT priority for most organizations. Based upon a global survey of 641 IT and cybersecurity professionals, the ESG research reveals: To read the complete article, CLICK...

Read More