…Cloud-based or On-premises Security Technologies?

Cybersecurity professionals are paid to be paranoid and tend to want to control everything they can to minimize surprises or third-party dependencies This has always been the case with regards to security technology. Historically, CISOs mistrusted managed services, preferring instead to “own” the deployment and operations associated with their security technologies. While cultural attitudes toward security control remain today,...

Read More

The True Value of SaaS and Managed Service Offerings

SaaS companies carry huge valuations when compared with traditional licensed software companies. It took me forever to figure out why, but I did. At first blush, one might believe that Wall Street values subscription revenue over one-time revenue—and truth be told, they do. Why? Because it’s a hell of a lot more predictable revenue stream for a company to manage than ad hoc revenue. I get that, but the gap is still too big for what,...

Read More

…Linking Development and Security…

This conversation with Doug Cahill examines the crucial – but all-too-often overlooked – necessity for cooperation between DevOps and Security teams. While there’s pretty much universal agreement that built-in security is better than bolted-on security, nonetheless the apparently (or at least potentially) competing objectives of DevOps (faster, faster, leaner) and Security (careful, careful, preclude risk) can appear to...

Read More

CISOs Recommend Future Actions…

Each year, ESG conducts a research project with the Information Systems Security Association (ISSA) on the mindset of cybersecurity professionals (the 2017 report is available here). As part of last year’s research, we asked respondents to identify the top actions their organizations should take in the future to improve cybersecurity. We then looked at this data based upon respondents’ roles, so we could look at the specific...

Read More

…Infrastructure Compatibility and VMware Cloud on AWS

Much of the discussion when it comes to moving workloads from on-premises data centers to cloud infrastructure-as-a-service (IaaS) is about the need to lift and shift VMs. The problem is that much of the discussion is about what happens after the lift and shift, in terms of the operational and cost-side of running VMs in IaaS. What has been missing is the discussion of how to get those VMs into the cloud in the first place. I can...

Read More