CA’s BTCS2.1: Where Do We GrOw From Here?
Jun14

CA’s BTCS2.1: Where Do We GrOw From Here?

At last week’s second annual Built to Change Summit CA Technologies updated analysts and journalists on where it and the markets it’s pursuing — primarily DevSecOps, with a heaping helping of mainframe — are, where they’re going, and how the software toolmaker will grab a bigger slice of the rapidly growing digital transformation (DT) pie, which is being largely driven by software, and more specifically, applications. While the money being lavished on DT and DevSecOps are staggering, CA’s ability to grow with this opportunity remains at best a work in progress, with relatively flat sales and forecasts. Based on the market data, CA should be in the DT/DevSecOps sweet spot, and poised for rapid and sustainable growth. According to a new report, IDC’s forecast for the global DevOps software market — in excess of $5.6 billion by 2021 — was way off. MarketsandMarkets predicts that CA’s future has a much bigger potential upside — $10.31 billion by 2023 — up from $3.42 billion in 2018. Even better for CA, the market growth will be powered ‘due to the increase in the adoption rate of Artificial Intelligence (AI) and machine learning among enterprises.’ So all that remains to be seen is if CA can continue to grow with the software-enabled, data-driven, digital transformation business phenomenon that will run on DevSecOps, while reducing, if not eliminating, the shackles of its legacy businesses and embraces software-as-a-service and more flexible pay-as-you-go consumption models. It faces many competitors — including IBM, Micro Focus (HPE), Puppet, Red Hat, Microsoft and Chef Software — and must continue to innovate at speed, and execute with precision and agility. That’s a lot to ask, but for a company that’s been around since 1976, probably not too much. Automation, AI and ML were front and center at BTCS 2, and while the company didn’t coin this phrase — “Software is eating the world but AI is eating software” — it was critical to the company’s future, said Ashok Reddy, Group GM, DevOps. He and other company execs, made it clear that artificial intelligence and machine learning were being aggressively pursured in a multitude of initiatives and products. Just prior to the summit, CA’s CTO and EVP Otto Berkes said there is “massive potential” to apply machine learning and machine intelligence. amd that the company has some “very pragmatic solutions” already in the market, and is doing a “lot of experimentation” on machine learning and machine intelligence. They figured prominently in last weeks product initiatives, as well as a number of its boundary-stretching initiatives, i.e. CA Accelerator, its internal fail-fast venture-capital program, and its Strategic Research intiative, under which a...

Read More

Cisco Security Synopsis from CiscoLive

Cisco held its annual customer event this week in Orlando FLA and invited the industry analysts to attend. CEO Chuck Robbins highlighted the company’s commitment to security in his CiscoLive keynote while other executives elaborated on more security product and services details. After a few days of meetings, I believe Cisco’s cybersecurity strategy focuses on: Product integration. Cisco wants a common cybersecurity product architecture that spans endpoints, networks, data centers, and the public cloud, and that can service most of its customers’ cybersecurity technology needs. As a result, Cisco is busy integrating products and services like AMP, Umbrella, Firepower, Talos, etc. Cisco demonstrated its platform and discussed its future roadmap in detail. -Openness and programmability. Beyond gluing its own products together, Cisco’s cybersecurity platform is built with connectors and APIs for third-party integration and programmability. To illustrate its technology alliance partner ecosystem, Cisco crowed about dozens of partners including Anomali, IBM, LogRhythm, and McAfee. Cisco’s intent-based networking programmability also extends to security for service providers taking advantage of APIs and building value-added services on top of Cisco security tools. To read the complete article, CLICK...

Read More

Talking Cloud Cybersecurity…

In this discussion, part of ESG’s ongoing 360 Video Series, Doug Cahill talks about not just the intricacies of cloud security – both of applications for Saas models and of infrastructure for IaaS – but also the opportunities that doing cloud security well can afford a business. It’s not simply a matter of ever more “padlocks on doors” but rather is a matter of making cloud security part of an integrated process; this is especially crucial when so many organizations are essentially [at least to some degree] software developers, using approaches such as hybrid models and containers that can potentially expand the threat landscape if not pre-handled. IT has probably never been more complex and demanding than today: even as approaches such as convergence, myriad clouds, containers, and software-definition (etc.) seek to make operations simpler, so to a degree such elements can also obfuscate some of the underlying subtleties and opportunities of the foundational components. After all, while it’s great to focus on purchasing – for instance – application service levels or business outcomes, some understanding of the IT elements (and considerations or choices) that contribute to those is also often useful. That is the purpose of this video discussion series: it offers ESG’s subject matter experts discussing some of the key trends, drivers, and considerations across various IT areas. We aim to do it succinctly and to deliver it in engaging, plain English – while also tying each technology area back to its eventual potential to positively impact both IT and business results. To read the complete article, CLICK...

Read More

…Network Security Policy Management for Hybrid Clouds

As organizations embraced the public cloud over the past few years, security teams were on the hook to modify network security policies and implement security controls to protect cloud-based workloads. The goal was simple: Protect cloud-based workloads with network security polices and controls that were equal to or better than existing safeguards for physical and virtual servers in corporate data centers. This turned out to be far more difficult than expected.  Many organizations tried to force fit their existing security controls (firewalls, ACLs, network segments, VPNs, etc.) to accommodate cloud-based workloads. This turned out to be a technology mismatch as security controls built for physical and virtual servers were too inflexible to service the public cloud. As an alternative, a lot of firms decided the best bet was to create a customized network security infrastructure for the cloud with its own controls and associated policies. According to ESG research, 70% of organizations use separate controls for public cloud-based resources and on-premises VMs and servers today. To read the complete article, CLICK...

Read More

Analyst-centric Security Operations

Let’s face it, cybersecurity is a geeky domain. While much of IT has shifted its focus to things like business processes enablement and digital transformation, infosec pros still spend much of their waking hours in the weeds, looking at things like protocol anomalies, SQL statements, command shells, etc. This technical purview has been a highlight of security operations products since their inception. In the early days (late 1990s), security analysts’ jobs depended upon technical tools like TCPdump and Ethereal/Wireshark to look for suspicious activities within network packets. The next step was searching for clues through Syslog and then this led to the use of log management tools and then the evolution of SIEM in the 1999-2000 timeframe. To read the complete article, CLICK...

Read More