GDPR: What’s an Enterprise to Do?

June 30, 2017 by Leave a comment

G. Barton

G. Barton

Summary Bullets:

• Encryption is at the heart pf GDPR and can protect enterprises from potential breaches and mitigate the problems if they occur.

• Enterprises cannot expect ICT providers now to simply accept the risks associated with data handling and should look to work collaboratively.

At its analyst day on June 29, Interoute set out its view on GDPR and how it is seeking to help customers prepare their own operations for when GDPR goes live. Most IT providers are now beginning to talk about GDPR, and some such as AWS have already launched services that pre-empt GDPR’s requirements.

Read more of this post

Filed under Secure Tagged with

WannaCrypt Global Ransomware Attack Highlights a Worsening Data Hijacking Epidemic

May 15, 2017 by Leave a comment

E. Parizo

Summary Bullets:

  • WannaCry, the largest-ever ransomware attack, is likely a harbinger of what’s to come.
  • The emergence of ransomware highlights the importance of tying security to data backup and recovery.

Suddenly, the whole world knows about ransomware.

While ransomware is no secret to those in the cybersecurity industry who have seen a steadily growing number of isolated incidents, to everyone else, ransomware made its presence broadly known late last week. The largest-ever single ransomware incident, a variant of the WannaCrypt strain known (aptly) as WannaCry, caught tens of thousands of organizations in at least 150 countries by surprise, likely causing millions if not billions in damage. Read more of this post

Filed under Secure

The Top Five DevOps Takeaways from Google Cloud Next

March 10, 2017 by Leave a comment

C. Dunlap

C. Dunlap

Summary Bullets:

  • Google made its play for the enterprise based on hefty investment abilities and innovation in app development platforms and data analytics.
  • Google says it’s doubling down this year, and already winning over half of its cloud deal bids.

Pitted against Microsoft Azure and Amazon AWS, Google understands its messaging needs to address its ability to cater to the mission-critical businesses of global enterprises embarking on new digital initiatives. In a word, it’s about innovation. That’s exactly what execs focused on this week during Google Cloud Next in San Francisco: a shift from consumer to enterprise apps that will carry large organizations into the next wave of cloud computing, which spans from high-level concepts around applications that leverage AI and machine learning to build apps that actually learn outcomes to emerging DevOps app development models and architectures. (Please see this Advisory Report for more coverage.) Read more of this post

Filed under Secure

RSA Conference 2017 Preview: Three Themes I’m Watching

February 10, 2017 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

  • Serverless security and security product integration frameworks are two emerging InfoSec industry market segments worth watching.
  • After contracting last year, the intrusion prevention system market should rebound thanks to new use cases and product innovation.

Next week, thousands of cybersecurity pros will converge in San Francisco for RSA Conference 2017. While there will be no shortage of interesting storylines, here are the three top themes I’ll be watching for at the industry’s largest annual confab: Read more of this post

Filed under Secure

Fortinet and Marketing Management: Third Time’s a Charm?

February 2, 2017 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

  • New Fortinet marketing chief Stacey Wu plans to build Fortinet’s brand by leveraging its culture of innovation, imagination, and technical breakthroughs.
  • It’s unclear whether Wu can overcome the pitfalls that recently doomed her two predecessors, namely wavering support for marketing by CEO Ken Xie.

When it comes to marketing, Fortinet has a checkered history. Historically, the company has not prioritized marketing, embracing a corporate identity that places technological innovation at the fore.

In recent years, however, the company has endeavored to increase marketing spending in order to bolster sales growth. It has also sought to create a brand and go-to-market message that matches the agility of its technology, which helps justify purchasing from a vendor that was previously unfamiliar to many IT buyers. But, these efforts have been inconsistent and uncoordinated; insiders and those close to Fortinet lay the blame on CEO Xie, noting his inability to commit to a consistent marketing strategy and his eagerness to redirect marketing funding back toward product development. Read more of this post

Filed under Secure

MobileIron Quietly Debuts Sentry for Azure, Enabling Fully Cloud-Based EMM

January 27, 2017 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:                 

  • Now that Sentry, the gateway component of MobileIron’s EMM solution, is compatible with Azure, the vendor has a fully cloud-based offering for the first time.
  • For MobileIron, the move should accelerate product development, boost cloud-based EMM sales, and increase its competitiveness with rivals Microsoft and VMware AirWatch.

Just before the holidays, enterprise mobility management vendor MobileIron quietly revealed that it had completed the first stage of its long-planned effort to port the centerpiece of its EMM architecture to the cloud. Despite the lack of fanfare, the move represents a significant pivot point that not only enables MobileIron’s first fully cloud-based EMM solution, but also positions the vendor to compete more broadly and effectively. Read more of this post

Filed under Secure Tagged with

Symantec’s Strategic Merry-Go-Round: Questionable Short-Term Moves Hinder Long-Term Objectives

December 19, 2016 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

  • Symantec’s moves to buy LifeLock and sue Zscaler will offer little effective support for Symantec’s stated strategic objectives.
  • Symantec instead should seek small, tuck-in acquisitions and find new niches in which to foster innovation.

Symantec has long been a company searching for a strategy, or at least a good strategy. Over the years, it has suffered through several failed reinventions that sought to address an ongoing dearth of disparate products, a lack of organizational cohesion and focus, and an inability to foster competitive momentum through innovation. Read more of this post

Filed under Secure

Security Product Integration Frameworks: A Gamechanger for Enterprise Security

November 18, 2016 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

• SPIFs enable pre-integration of standalone third-party security products, eventually enabling enterprises to construct a customized, more effective enterprise security solution architecture.

• SPIFs are nascent, but they will have a growing impact on security product purchasing decisions. Leading-edge enterprises should begin researching SPIF ecosystems.

Enterprises have long been frustrated with the lack of interoperability among their enterprise security point products. The average large enterprise uses dozens of unique commercial security products and services, with few if any of them designed to work together.

Security product integration frameworks (SPIF) have the potential to change the game. SPIFs facilitate the sharing of security-related metadata, help standalone security products and services to interoperate effectively, and ultimately improve the efficacy of enterprises’ unique security architectures.

So what is a SPIF and how can it possibly deliver on such lofty ambitions? At its core, a SPIF is a fancy message bus system, typically augmented with authentication and access control, message encryption, subscription management and limited message store. Its centralized interconnection and messaging architecture enables security products to distribute data to other products and services and receive data from them. Third-party vendors add a SPIF’s pre-built messaging client code into their own products, customizing it as needed, and voila: enterprises using a SPIF can integrate products supporting that SPIF, often in a matter of minutes. Read more of this post

Filed under Secure Tagged with

Hello BlackBerry: Why Dropping Hardware Is Part of a Brighter, Security-Centric Future

October 28, 2016 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

  • BlackBerry’s smartphone hardware exit is a positive development, not negative, and signals that the company’s turnaround is nearing completion.
  • BlackBerry held on to its hardware long enough to grow its software and services business, a move now paying off strategically and financially.

I must respectfully disagree with my esteemed colleague Avi Greengart’s take on BlackBerry’s recent decision to exit smartphone hardware design and manufacturing. Not only is this a positive development for BlackBerry, but it’s also a key sign that the vendor’s dramatic turnaround is nearly complete. Read more of this post

Filed under Secure

Cisco Systems Should Buy MobileIron: Here’s Why

September 23, 2016 by Leave a comment

E. Parizo

E. Parizo

Summary Bullets:

  • Cisco’s enterprise security portfolio lacks a strong play on mobile devices, especially those running iOS or Android.
  • By acquiring MobileIron, Cisco would gain strong enterprise EMM technology and the much-needed ability to enforce policy on disconnected mobile devices.

Tech industry prognosticators enjoy speculating about what companies Cisco will acquire next. In enterprise security, the vendor has a several needs, perhaps none more glaring than the need for improved mobile device security and policy enforcement.

Cisco’s security objective is to offer end-to-end security from the cloud to the endpoint, but it lacks a strong play on mobile devices – iOS and Android in particular – which has become crucial. On-network devices can benefit from the protection afforded by its network security capabilities, but when mobile devices leave the network, they are vulnerable, particularly to inbound malware. Read more of this post

Filed under Secure

Older posts