The New McAfee

I’ve worked with McAfee for a long time – from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. To be honest, Intel’s acquisition of McAfee was always a head scratcher for me. The 20-somethings on Wall Street crowed about Intel cramming McAfee security in its chip set but this made no sense to me – Intel had long added security (and other) functionality into its processors with lukewarm market reception. The two cultures were a mismatch as well. Ultimately it seems that Intel came to a similar conclusion and recently spun out McAfee in a private equity stew. So, what are the prospects for McAfee this time around? Like comedy, timing is everything when it comes to financial markets, customer demand, and market opportunity. The new McAfee starts its comeback in a robust $100 billion+ cybersecurity market where customers want help, vision, and leadership from their cybersecurity vendors. McAfee has a few real strengths it can deliver to this hungry market including: To read the complete article, CLICK...

Read More

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat, taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company. To read the complete article, CLICK...

Read More
Cybersecurity: The Emperor’s New Clothes
Jul21

Cybersecurity: The Emperor’s New Clothes

Intel Security has just released a new report that once again illustrates the threadbare state of cybersecurity: most organizations believe they are better protected than the facts support. “We believe we have a degree of overconfidence, possibly complacency,” said Raj Samani, EMEA CTO, Intel. The survey of IT executives within critical infrastructure organizations, ‘Holding the Line Against Cyber Threats: Critical Infrastructure Readiness Survey‘, produced by Intel Security and The Aspen Institute, found that 41% of respondents are already experiencing physical damage from attacks, and that 86% want more public-private cooperation. “This data raises new and vital questions about how public and private interests can best join forces to mitigate and defend against cyberattacks,” said Clark Kent Ervin, Director, Homeland Security Program, Aspen Institute, in a prepared statement. “This issue must be addressed by policymakers and corporate leaders alike.” Critical infrastructure security – or its lack – has been all over the news recently, including: -Germany passes strict cybersecurity law to protect ‘critical infrastructure’ -Ireland gears up for cyber war with a new strategy to protect critical infrastructure; -Britain’s Ministry of Defence fends off thousands of cyber attacks every day while its military systems log more than a million suspicious incidents on a daily basis; -the government of Canada was the target of a distributed denial of service (DDoS) attack that took down multiple federal websites, including those of the Departments of Justice, and Foreign Affairs; and, -Poland’s national airline had to ground 22 of its planes after finding hackers had attacked its computer system in Warsaw. At the end of June Tripwire reported that nearly all critical infrastructure industry executives recognize that their organizations are targets for cybercriminals, and more than half (61%) are confident their systems could detect attack in less than a day. The company questions this confidence. “The idea that these attacks would be detected quickly is basically a perception that’s driven from the ability of these organizations to deliver energy with very high availability,” wrote Rekha Shenoy, VP of business and corporate development for Tripwire. “However, in our experience, these organizations don’t have the visibility into cybersecurity issues that would allow them to detect an attack faster than other industries.” According to a new report a cyber attack on the US east coast could cost the economy $1 trillion. “The evidence of major attacks during 2014 suggests that attackers were often able to exploit vulnerabilities faster than defenders could remedy them,” Tom Bolt, director of performance management at Lloyd’s, said in the report from the University of Cambridge Centre for Risk Studies and the Lloyd’s of London insurance market. A lot of money is being...

Read More

Enterprise[s]… Establishing a “Cybersecurity Cavalry”

Based upon numerous discussions I’ve had with CISOs, the cybersecurity cavalry [highly-skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier] isn’t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I’ve also seen financial services, defense contractors, and retail organizations giving CISOs the cybersecurity equivalent of eminent domain, allowing them to commandeer IT segments, sound alarm bells, and establish active network policy enforcement actions to improve threat response, even if these actions may temporarily disrupt business operations. This type of authority was unheard of in the past. To read the complete article, CLICK...

Read More

Cisco, FireEye Announcements: A Microcosm of the …

The Cisco and FireEye announcements are a microcosm of what’s happening in cybersecurity. Large organizations are abandoning individual point tools in favor of integrated cybersecurity technology architectures – exactly why Cisco bought Sourcefire and is now bringing the best of both companies together. Aside from technology alone, CISOs also need to supplement internal infosec resources with the right skills. FireEye is now addressing this. These trends are not a secret – other vendors including HP, IBM, RSA, and Symantec have their own plans for integrated security technology architecture and managed/professional services. This may be the market direction but it’s important to note that the move toward integrated security architecture and managed services represents a major cybersecurity transition for enterprise organizations. Vendors who can guide customers through this evolution with the right project plans, reference architectures, and industry-specific implementation guidelines will put themselves in the best position. To read the complete article, CLICK...

Read More