Cybersecurity Snippets
By Jon Oltsik
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.
Bye-bye best-of-breed?
ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process.
SOC modernization: 8 key considerations
Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole.
5 ways to improve security hygiene and posture management
Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies.
Operationalizing a “think like the enemy” strategy
MITRE ATT&CK and new security technology innovation make this possible.
Security asset management should be buttoned down. It isn’t.
Organizations struggle to understand what assets they have and whether they are at risk. This opens the door for exploitation.
Look for attack surface management to go mainstream in 2022
Many organizations struggle to discover, classify, and manage Internet-facing assets, leaving them vulnerable to attack. In 2022, they will finally do something to address this.
Security hygiene and posture management: A 2022 priority
Disjointed tools and manual processes provide an incomplete and unacceptable picture of cyber-risk.
Will XDR modernize the SOC?
Organizations are both adopting XDR technology and modernizing the SOC. New ESG research points to areas of potential overlap and even conflict between those two initiatives.
5 observations about XDR
The technology is evolving, so security professionals and pundits must be open-minded and closely track market developments.
7 key data points on the cybersecurity skills shortage
The global cybersecurity skills shortage is as bad as it has ever been, and most organizations are feeling the pinch, new research finds. But cybersecurity professionals have many recommendations for addressing this situation.
4 things you should know about cybersecurity pros
ESG/ISSA research report reveals that a strong cybersecurity culture really matters.
Move over XDR, it's time for security observability, prioritization, and validation (SOPV)
Independent tools and data repositories are coming together for better threat management, impacting organizations, security professionals, and the industry. We need to take the same approach to security hygiene and posture management....
5 things CISOs want to hear about zero trust at the RSA Conference
Security executives are interested in how ZT vendors will integrate with existing technologies, supplement ongoing projects, and support business processes.
8 things CISOs want to hear from XDR vendors
Beyond industry rhetoric, vendors must use their time at the RSA Conference to provide clarity around what XDR is, where it fits, and how it complements existing security technologies.
4 steps to better security hygiene and posture management
Increasing scale and complexity have made keeping up with security hygiene and posture management cumbersome and error prone, leaving organizations exposed. Here's what leading CISOs are doing to close the gap.
Why XDR must include MDR
Technology alone isn't enough; organizations need help with security operations.
XDR is coming: 5 steps CISOs should take today
Beyond threat detection and response, CISOs should think of XDR as an opportunity to modernize the SOC, automating processes, and improving staff productivity. Here's your XDR game plan for 2021.
The most important cybersecurity topics for business executives
Data privacy, current cyberthreats, and cybersecurity culture and training top the list, but are these the right priorities?
4 ways security has failed to become a boardroom issue
New research finds that despite being more engaged with cybersecurity, business executives and board members continue to view cybersecurity as a technology domain rather than a business concern.
Why 2021 will be a big year for deception technology
New use cases, MITRE Shield support, and greater awareness will drive market growth and penetration.
