Cybersecurity Goes Private: McAfee and RSA

There are some interesting industry dynamics going on in the cybersecurity market. Just a few months ago, Symantec bought Blue Coat, taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private. When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company. Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company. To read the complete article, CLICK...

Read More
Data Protection: The Good, The Bad and The Ugly
Jun29

Data Protection: The Good, The Bad and The Ugly

’The Good, The Bad and The Ugly’ was Clint Eastwood’ last and best spaghetti western, and it’s also a very popular description of the cybersecurity industry, to which I will now shamelessly expropriate to describe the findings from EMC’s new global enterprise backup survey, ‘Are You Protected?’. Similar to virtually every other security study I see, the survey reports improvements in some areas, some problems in other areas, and the usual plug for new solutions that will make you more secure, less vulnerable or more likely fall somewhere in between. The survey results are very topical, said Peter Smails, VP, Marketing, Core Technologies, EMC. It also gives the company, which will soon become part of Dell, an opportunity “to talk about everything we’re doing to address those challenges.” While I found it interesting that this conversation was held with EMC, and not RSA, it’s security business, Smails told IT Trends & Analysis who better to address data protection than the company that stores most of that data. The key findings of the survey of IT decision makers at 2,200 organizations included: -incidents of traditional data loss and disruption are down since 2014, but new challenges mean 13% more businesses experienced loss overall; -over half of businesses fail to protect data in the cloud despite more than 80% indicating they will rely on SaaS-based business applications; -36% have lost data in the last year as the result of a security breach; -73% are not very confident they can protect flash storage environments; and, -the average cost of data loss is more than $914,000. People are getting smarter about data protection, said Smails, but they continue to experience data loss. “You need to be vigilant. The world is evolving quickly.” According to a new RSA survey, 75% of survey respondents have a significant cybersecurity risk exposure, and nearly half characterized essential Incident Response (IR) capabilities as ‘ad hoc’ or ‘non-existent’. “We need to change the way we are thinking about security, to focus on more than just prevention – to develop a strategy that emphasizes detection and response,” stated RSA President Amit Yoran. As noted in Sea Of Alarms, one of cybersecurity’s biggest problems isn’t finding a problem, but rather finding and dealing with the most pressing problem. According to a recent survey, nearly 74% of those surveyed reported that security events/alerts are simply ignored because their teams can’t keep up with the suffocating volume. Then there was the new ‘new’ study I just received which identified complext IT security as a growing problem. According to security vendor IS Decisions’ survey of 250 US organizations, on average each employee loses 21.88...

Read More

…Network Visibility for Precrime, Incrime, Postcrime

Following up on my previous blog on network visibility, I want to distinguish pre-crime, in-crime and post-crime network based cybercrime. Pre-crime is like someone visiting you at home with an unexpected knock on your door. You: “Who’s there?” Them: “Oh, I’m just here to pick up a package”. You: “Not me. I didn’t request that”. Them: “Sorry, must be the wrong address.” (They’re thinking: “OK, this house is occupied, better not burgle them”.) To read the complete article, CLICK...

Read More
GRC Bullseye? RSA Updates Archer Platform
Nov04

GRC Bullseye? RSA Updates Archer Platform

EMC’s RSA Security division has announced a new release (6.0) of its Archer Goverance, Risk and Compliance (GRC) Platform at this week’s RSA Conference Abu Dhabi, intended to inspire ‘everyone to own risk within the enterprise’. This market is hot, and depending upon the source, is only going to get hotter, but it is not without some major challenges. “Risk is no longer just the responsibility of executives,” said Grant Geyer, Senior Vice President of Products, RSA, in a prepared statement. “To keep up with the uncertainty and complexity triggered by rapid changes in business today, organizations are decentralizing risk management to put it as close as possible to the risk itself. As front line employees are being asked to contribute more towards risk management, we have focused heavily on usability in the new RSA Archer 6.0 platform.” New Archer features, which will be available only for new, on-premises installations on November 10, include: -an enhanced user experience with a simpler but more powerful user interface and advanced workflow capabilities; and, -enhancements to Archer Operational Risk Management to help streamline how organizations identify, assess, respond, and monitor existing and emerging risks. GRC is about the practice, not the technology, said Marshall Toburen, GRC Strategist, Enterprise Risk Management, RSA. He told IT Trends & Analysis “I couldn’t agree with that more”, when asked to comment on this quote: ‘Organizations do not buy GRC, they do GRC. (GRC 20/20 Research)’ “What this release does is acknowledge that fact.” Whatever organizations are doing about GRC, they’re also buying GRC. The GRC market is expected to reach $2.592 billion this year, driven by the need for a federated architecture approach to handle the GRC ‘data tsunami’. “The idea of a single GRC platform to meet all of an institution’s needs is a myth,” Shagun Bali, TABB technology analyst and author of The Data Tsunami: Combating the Overwhelming Supply of GRC Data. “But no single IT tool has all the answers, which is why firms need to create cohesive business processes to manage various functions and technologies in sync.” Another report values this year’s GRC market more than four times higher, at $11.89 billion – and that’s excluding the professional services component. The enterprise segment represents about 10% of this figure. A third report estimates the market is even bigger: the global enterprise governance, risk, and compliance market will grow from $15.98 billion in 2015 to $31.77 billion by 2020, at a CAGR of 14.7%. North America is expected to be the largest market in terms of market size, while Europe and Asia-Pacific (APAC) are expected to experience increased market traction during the forecast...

Read More
The EMC Elephant Stomps Dell World
Oct21

The EMC Elephant Stomps Dell World

AUSTIN, TEXAS: While EMC will enable Dell to join IT’s 800-pound-gorilla club, pretty much everybody at Dell World 2015 — especially a really pumped Michael Dell and his executive team — is talking about the proposed acquisition, and speculating on what it means for the companies involved, their customers and prospects, and their competitors. So now the gorilla can keep company with the elephant-in-the-room metaphor. The stomping began on October 12 when Michael Dell, MSD Partners and Silver Lake announced the proposed acquisition of EMC in a deal valued at $67 billion, dwarfing all other previous IT mergers and acquisitions. Michael said the transaction will unite Dell’s ‘strength with small business and mid-market customers with EMC’s strength with large enterprises to fuel profitable growth and generate significant cash flows.’ “Our new company will be exceptionally well-positioned for growth in the most strategic areas of next generation IT including digital transformation, software-defined data center, converged infrastructure, hybrid cloud, mobile and security,” he said in a prepared statement. His EMC counterpart, Joe Tucci, was equally optimistic about the new company’s prospects, and why the acquisition was necessary: “… the waves of change we now see in our industry are unprecedented and, to navigate this change, we must create a new company for a new era.” The combination of EMC and Dell will create an $80-billion company, said Michael at a press event on Tuesday. For its most recent quarter EMC reported consolidated revenue of $6.07 billion, with VMware contributing $1.59B, and Pivotal a meager $64 million. That would put Dell’s share at $56 billion, which is in keeping with the best guesstimates for the private company. “Go big or go home, baby,” said Michael, talking about how EMC addresses the issue of a privately held company making aggressive acquisitions. However, from a financial perspective, the acquisition is expected to add more than $40B — as part of the $50B-plus EMC will cost — to the $12B still outstanding from the $25B it cost to take Dell private. “Dell and EMC are a dream combination,” he said. “We complement each other beautifully.” Combined, the two companies lead in 22 Gartner Magic Quadrants, said Michael. As an added bonus, EMC will now be private and out from under the 90-day financial proctology exam that is the norm for public companies. “As I like to say, EMC, $67 billion. Being master of your own destiny, priceless!” In an open letter, Michael shared his thoughts and intentions on VMware, basically committing to ‘continue to offer choice and multiple partner offerings as we always have and always will.’ VMware will remain an independent public company, and there are...

Read More