Cloudy Future for Security Analytics

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk....

Enterprise[s]… Establishing a “Cybersecurity Cavalry”

Based upon numerous discussions I’ve had with CISOs, the cybersecurity cavalry [highly-skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier] isn’t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I’ve also seen financial services, defense contractors, and...

Big Data Security Analytics “Plumbing”

According to 2012 ESG research, 44% of enterprise organizations (i.e., those with more than 1,000 employees) considered their security data collection and analysis a “big data” application while another 44% believed that their security data collection and analysis would become a big data application within the following two years. Furthermore, 86% of enterprises collected substantially more or somewhat more security data than they had...

Enterprise(s)… Taking Steps to Improve … Analytics

Last week, online retail giant eBay announced that it was hacked between February and March of this year using the stolen login credentials of an eBay employee. This gave the hackers access to the user records of 145 million users, including home addresses, e-mail addresses, dates of birth, and encrypted passwords. It appears that the hackers made copies of this data, so eBay is advising all users to change their passwords. The eBay hack is...

RSAC Recap: Positive Direction for Security Industry

Last week’s RSA Conference was a whirlwind of meetings, presentations, and unusual west coast rain storms. I’m not sure about the attendance numbers but it seemed especially busy – not surprising after the many cybersecurity events of 2013. I met with around 40 different security vendors throughout the week and heard some encouraging news. Rather than crow about the latest technology fad or threat du jour, many security vendors are...
