Ten Takeaways from the Splunk User Conference

I spent the early part of this week in Orlando, attending Splunk .Conf 2018. Here are a few of my takeaways:

- Data ingestion. Collecting and processing a growing body of security telemetry.
- Finding and blocking known threats.
- Using advanced analytics to identify new attacks and then spreading the warning around to all connected customers.

Cloudy Future for Security Analytics

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk....

…Cloud-based or On-premises Security Technologies?

Cybersecurity professionals are paid to be paranoid and tend to want to control everything they can to minimize surprises or third-party dependencies. This has always been the case with regard to security technology. Historically, CISOs mistrusted managed services, preferring instead to “own” the deployment and operations associated with their security technologies. While cultural attitudes toward security control remain today,...

CISOs Recommend Future Actions…

Each year, ESG conducts a research project with the Information Systems Security Association (ISSA) on the mindset of cybersecurity professionals (the 2017 report is available here). As part of last year’s research, we asked respondents to identify the top actions their organizations should take in the future to improve cybersecurity. We then looked at this data based upon respondents’ roles, so we could look at the specific...

The New Endpoint Security Market…

Venture capital investments in cybersecurity companies are aggressive these days but yesterday’s news was startling nonetheless. First, Cylance announced a round of $120 million led by Blackstone Tactical Opportunities. Cylance says that the funding will help it expand sales and marketing initiatives and extend its global footprint. Not to be outdone, Cylance archenemy CrowdStrike announced a round of $200m, led by General Atlantic...
