Dell Security Aims To Be One Step Ahead
Dec08

Dell Security Aims To Be One Step Ahead

It’s still too early to talk about Dell EMC’s security plans, said Brett Hansen, VP, Endpoint Data Security and Management, Dell, but he tells IT Trends & Analysis there is a lot of work going on behind the scenes on the future of the company’s post-merger enterprise security strategy. “I’m like a kid in the candy store with this acquisition.” What’s not to be excited about? Cybersecurity is getting a lot more attention — and customer budgets — and the acqusition brings together two sets of technology assets, skills and customer bases. While overall IT spending may be inching upward, security is expected to grow at a compound annual growth rate of 8.3% through 2020, from $73.6 billion in 2016 to more than $100 billion. Other estimates put this year’s cybersecurity spend at $122.45 billion, and a 10.6% CAGR to $202.36 billion by 2021. EMC’s former security division, RSA (with more than 30,000 customers), will retain its autonomy, but will benefit from being part of the world’s largest privately controlled technology company, said president Amit Yoran in a September conference call. “RSA is now part of the broader Dell Technologies – a much broader platform that allows us to make decisions along private company timelines and horizons for a more strategic perspective, and less maniacally focused on the 90-day public company window,” he stated. “There is a natural upside [for enterprises] of having the broader ecosystem of Dell Technologies from a leveraging relationships standpoint.” He said authentication and identity, advanced security operations and analytics, and the business context and business drivers around those will continue to be the three key areas that RSA is focusing on. As for the unit’s R&D focus, he said in a world where there is no longer any perimeter, being able to identify who is where on what and provide them the appropriate access with strong multi-factor authentication and an elegant user experience “is a key area where RSA has great capability and we will continue to invest aggressively in R&D in that area”. In addition, it is investing heavily in advanced security operations, which includes RSA’s endpoint threat detection and response product Ecat, the NetWitness suite, and all the analytics around those. “Ultimately, context matters most to the organisation. What is mission-critical, what is business-critical, what is required from a compliance and regulatory perspective, and ensuring that the limited security resources are being spent on the most impactful and critical things for the enterprise,” said Yoran. In June, prior to the acquisition’s close, EMC announced the findings from its global enterprise backup survey, ‘Are You Protected?’, which included: -incidents of traditional data loss...

Read More

Goodbye SIEM, Hello SOAPA

Security information and event management (SIEM) systems have been around for a dozen years or so. During that timeframe, SIEMs evolved from perimeter security event correlation tools, to GRC platforms, to security analytics systems. Early vendors like eSecurity, GuardedNet, Intellitactics, and NetForensics, are distant memories; today’s SIEM market is now dominated by a few leaders: LogRhythm, McAfee (aka: Nitro Security), HP (aka: ArcSight), IBM (aka: QRadar), and Splunk. Of course, there is a community of innovative upstarts that believe that SIEM is a legacy technology. They proclaim that log management and event correlation can’t keep up with the pace of cybersecurity today, thus you need new technologies like artificial intelligence, machine learning algorithms, and neural networks to consume, process, and analyze security data in real-time. To read the complete article, CLICK...

Read More

Goodbye NAC, Hello Software-defined Perimeter (SDP)

Those of us who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (a.k.a. Cisco NAC), Microsoft’s network access protection (NAP), and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.). To read the complete article, CLICK...

Read More

AWS re:Invent Preview… Cloud-Delivered Security

The seminal cloud computing event, AWS re:Invent is coming up and cybersecurity is likely to once again be front and center with Amazon, vendors, and customers all discussing best practices for securing cloud and hybrid cloud environments. At the same time, some cybersecurity vendors will be sharing how they leverage the agility and ubiquity of the cloud as a delivery platform to offer security-as-a-service. To read the complete article, CLICK...

Read More

The Scary State of the Cybersecurity Profession

Most discussions about cybersecurity tend to go right to technology, and these days usually start with the words “next-generation” as in next-generation firewalls, IPS, endpoint security etc. I get it since innovative technology is sexy, but it’s important to realize that skilled cybersecurity professionals anchor cybersecurity best practices. We depend on actual people to configure controls, sort through data minutiae to detect problems, and remediate issues in a timely manner. Since these folks protect all our digital assets daily, it’s only natural that we’d be curious as to how they are doing. To measure these feelings, ESG teamed up with the Information Systems Security Association (ISSA) and conducted a survey of 437 global cybersecurity professionals. This project resulted in a recently published research report. To read the complete article, CLICK...

Read More