Cisco: Just Because You’re Paranoid…
Apr19

Cisco: Just Because You’re Paranoid…

“Just because you’re paranoid doesn’t mean they aren’t after you.” Joseph Heller, Catch-22   With most of the cybersecurity world gathered in San Francisco for this week’s RSA Conference 2018, the timing was impeccable: on Monday Cisco made significant endpoint and email protection announcements; that was also the day the U.S. Computer Emergency Readiness Team issued a warning that ‘Russian hackers are attacking networking devices, network management protocols and the Cisco Smart Install Client that belong to governments, infrastructure providers and businesses.’ According to the networking giant, more than 168,000 systems are potentially exposed via that client. “Russian state-sponsored cyber actors have conducted both broad-scale and targeted scanning of Internet address spaces. Such scanning allows these actors to identify enabled Internet-facing ports and services, conduct device fingerprinting, and discover vulnerable network infrastructure devices,” said the April 16 alert, which was based on results of analytic efforts between the Department of Homeland Security, the FBI and the United Kingdom’s National Cyber Security Centre. Cisco noted several incidents in a release on April 5. “We are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.” While Cisco might rue the timing of the hacker alert, it is generally a good time to be in the cybersecurity business: -the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, and, -the total cybersecurity market will grow at a CAGR of 11%, from last year’s $137.85 billion to $231.94 billion by 2022. The reason this market is so hot, is because the threats are escalating even faster: – malware attacks increased 18.4% year-over-year to 9.32 billion in 2017; -while ransomware attacks dropped from 638 million to 184 million between 2016 and 2017, ransomware variants increased 101.2%; -the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption; -32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016; -more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs; -complexity is growing: in 2017, 25% of security professionals said they used products from 11 to 20 vendors, compared with 18% in 2016; and, -time to detection has improved from the 39-hour median TTD reported in November 2015, and the 14-hour median reported in 2017. To add injury to insult: -only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate; and, -in almost all breaches (93%), it...

Read More

How Enterprise Organizations Benefit from SOAPA

I’ve written about SOAPA for almost a year now, here’s a link to the original blog I posted last November. The concept seems to be catching on in the industry. I’ve had lots of industry leaders participate in SOAPA videos with me and there are many more videos in the works. I’m happy to say that SOAPA isn’t just an analyst idea or industry buzzword. In fact, 21% of enterprise organizations say that they are very active in integrating security operations technologies and creating a security operations architecture is one of their highest priorities, while another 50% are somewhat active in this area. Security pros are moving to SOAPA for several reasons: To read the complete article, CLICK...

Read More
Micro Focus HyPEs New Security Business
Sep14

Micro Focus HyPEs New Security Business

“It was the best of times, it was the worst of times…” Charles Dickens, A Tale of Two Cities (1859)   Last week Equifax, a supplier of credit information, reported that a recent data breach could affect up to 143 million consumers in the U.S. It’s even worse for businesses: according to Cisco’s 2017 Midyear Cybersecurity Report, only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate. More than 150 years ago author Charles Dickens started off his novel ‘A Tale of Two Cities’ with “It was the best of times, it was the worst of times…”, and that line is still timely when it comes to cybersecurity and the new and improved Micro Focus. The new company officially debuted on September 1 with the ‘spin-merge’ acquisition of Hewlett Packard Enterprise’s software business valued at $8.8 billion, making it the world’s ‘seventh largest pure-play software company’, with annual revenue of $4.4 billion. Chris Hsu, formerly COO of HPE and EVP and GM of HPE Software, is now CEO of Micro Focus. Under the terms of the deal, HPE shareholders own 50.1% of the new company, which works out to approximately $6.3 billion, which is in addition to the $2.5 billion cash payment that HPE received. The deal involved the ArcSight security and Mercury Interactive application management assets, as well as the late and unlamented Autonomy Corp. plc, which HP acquired in 2011 for $11.1 billion (more than $16 billion for all three acquisitions), but ended up writing off almost $9 billion of the purchase price. According to Securities and Exchange Commission filings, HPE’s software business revenue in the 12 months through Oct. 31, 2016 were $3.17 billion. ITOM (IT Operations Management) comprised 61% of the revenue; Enterprise Security Products (18%); Information Management and Governance (16%); and Big Data Analytics (5%). Revenue for all products broke down to: 28% license, 9% software-as-a-service (SaaS), 50% maintenance, and 13% professional services. On Tuesday the company refreshed its expanded security portfolio, with new and enhanced offerings, including: -ArcSight Data Platform (ADP) 2.2 (GA October) brings native, realtime log parsing, security data enrichment and normalization into the innovative Event Broker for security operations that scales to any data volumes, building the power of ArcSight’s connectors directly into the Event Broker; -a new partnership provides IT and security teams with data that has been enriched for better visibility and customization within powerful search dashboards of Elastic; –ArcSight Investigate 2.0 (GA October) with built-in security analytics displayed in pre-defined dashboards that are powered by Vertica to provide actionable intelligence for front-line analysts; -Change Guardian 5.0...

Read More

The New McAfee

I’ve worked with McAfee for a long time – from its independent days, during the Network Associates timeframe, through financial issues, back to McAfee and the go-go Dave DeWalt era, and finally as Intel Security. To be honest, Intel’s acquisition of McAfee was always a head scratcher for me. The 20-somethings on Wall Street crowed about Intel cramming McAfee security in its chip set but this made no sense to me – Intel had long added security (and other) functionality into its processors with lukewarm market reception. The two cultures were a mismatch as well. Ultimately it seems that Intel came to a similar conclusion and recently spun out McAfee in a private equity stew. So, what are the prospects for McAfee this time around? Like comedy, timing is everything when it comes to financial markets, customer demand, and market opportunity. The new McAfee starts its comeback in a robust $100 billion+ cybersecurity market where customers want help, vision, and leadership from their cybersecurity vendors. McAfee has a few real strengths it can deliver to this hungry market including: To read the complete article, CLICK...

Read More

Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat, taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company. To read the complete article, CLICK...

Read More