Security Operations Spending and ROI

ESG recently surveyed 412 cybersecurity and IT professionals asking a number of questions about their organization’s security analytics and operations. Overall, security operations are quite difficult, many organizations complain about too many manual processes, too many disconnected point tools, and a real shortage of the right skills. These issues can lead to lengthy incident detection and response cycles or worse yet, damaging data breaches. Just ask Equifax. To read the complete article, CLICK...

Read More

Toward Enterprise Security Technology Integration

Last week, I posted a blog about the move toward cybersecurity vendor and technology consolidation along with a growing emphasis on technology integration in the enterprise. Here’s some additional data that reinforces these conclusions. As part of a recent ESG research project, 176 cybersecurity and IT professionals were presented with several statements and asked whether they agreed or disagreed with each one. Here are the results: To read the complete article, CLICK...

Read More

Cybersecurity Skills Shortage Impact on Technology Innovation

I continue to research and write about the ongoing global cybersecurity skills shortage. For example, ESG research indicates that 45% of organizations report a problematic shortage of cybersecurity skills today, more than any other area within IT. Want more?  Here are a few tidbits from last year’s research project done in conjunction with the Information Systems Security Association (ISSA). In a survey of 437 cybersecurity professionals and ISSA members: 29% of cybersecurity professionals say that the global cybersecurity skills shortage has had a significant impact on their organization. Another 40% say that the global cybersecurity skills shortage has impacted their organization somewhat. To read the complete article, CLICK...

Read More

Security Analytics and Operations at RSA

So far, I’ve written two blogs about my expectations for the upcoming RSA Security Conference next week. The first blog was about my outlook for endpoint security while the second focused on network security. I am also in the middle of a big research project on security analytics and operations right now and believe that many independent technologies will be integrated into a comprehensive architecture that ESG calls SOAPA (i.e., security operations and analytics platform architecture). Here’s another blog where I define the SOAPA architecture and all the consolidating piece parts. With SOAPA in mind, here’s what I’m expecting to see at RSA: To read the complete article, CLICK...

Read More