Opinion
Opinion
- 
			Changing perceptions of network security tools from CSPsResearch from Enterprise Strategy Group found the conversation about cloud service provider and third-party vendor network security tools is changing. Continue Reading 
- 
			Entrust sells certificate business: Implications and actionsEntrust selling its certificate business to Sectigo isn't the only change that enterprises will face when it comes to the future of digital certificates. Continue Reading 
- 
			Too many 'point'less tools: Platformization is betterWill 2025 be the year organizations ditch multiple point products and take a platform approach? Enterprise Strategy Group analyst Tyler Shields thinks it should be. Continue Reading 
- 
			Data security spending in 2025: Up and to the rightCybersecurity investments are set to increase in 2025, according to Enterprise Strategy Group's annual spending survey, and data loss prevention is leading the priority pack. Continue Reading 
- 
			The basics drive 2025 identity security investmentsNew identity security tech might steal headlines, but Informa TechTarget's Enterprise Strategy Group analyst Todd Thiemann shows the basics get the most attention from businesses. Continue Reading 
- 
			2025 cloud-native cybersecurity predictionsJoin Informa TechTarget's Enterprise Strategy Group analyst Melinda Marks as she looks at what 2025 has in store for cloud-native security. Continue Reading 
- 
			3 network security predictions for 2025What does 2025 have in store for network security? Analyst John Grady from Informa TechTarget's Enterprise Strategy Group shares his predictions for the upcoming year. Continue Reading 
- 
			Nonhuman identity security is getting board-level attentionHas your organization addressed nonhuman identity security? NHI attacks are becoming more prevalent and need to be a part of enterprise security strategies. Continue Reading 
- 
			3 cybersecurity predictions for 2025Will service as software, agentic cybersecurity and automated remediation reach their potential in 2025? Read up on what analyst Tyler Shields has to say. Continue Reading 
- 
			2025 identity security and data security predictionsFrom securing nonhuman identities to post-quantum cryptography to DSPM and DLP combining, here's what's in store for identity and data security in 2025. Continue Reading 
- 
			Address skills shortages with third-party data discovery toolsHomegrown might be best in some scenarios, but resource-constrained security teams should consider third-party tools for data discovery and resilience. Continue Reading 
- 
			Study shows securing SaaS applications growing in importanceSecuring all types of SaaS applications ranks high among security pros, but the broad mandate can mean the need for better SaaS security platforms and tools. Continue Reading 
- 
			Research reveals strategies to improve cloud-native securityAs organizations focus on the cloud to deliver and scale applications, security teams struggle to keep up. Recent research points to how teams can effectively manage cloud security risk. Continue Reading 
- 
			Top vulnerability management challenges for organizationsOrganizations understand vulnerability management is essential to identifying cyber-risks, but coordinating teams, tools and handling CVEs keeps the pressure on. Continue Reading 
- 
			6 steps toward proactive attack surface managementWith organizations' attack surfaces growing, new research shows better asset management, tighter access policies like zero trust and consistent configuration standards can help. Continue Reading 
- 
			Cyber-risk management remains challengingStrong cyber-risk management demands collaboration and coordination across business management, IT operations, security and software development in an ever-changing environment. Continue Reading 
- 
			Why is SecOps becoming both easier and more difficult?While SecOps has become easier in some ways, enterprises still struggle with areas such as data volumes, threat intelligence analysis and security alert volume and complexity. Continue Reading 
- 
			Security teams need to prioritize DSPM, review use casesNew research showed data resilience is a top priority for security teams, as data security posture management grows to help manage and protect data and improve GenAI. Continue Reading 
- 
			Cyber-risk management: Key takeaways from Black Hat 2024Product updates announced at Black Hat USA 2024 can help security teams better manage constantly changing attack surfaces and ensure new AI projects won't pose security risks. Continue Reading 
- 
			Black Hat USA 2024 takeaways for data security and IAMBlack Hat USA 2024 showcased recurring themes of data security and IAM, encompassing the platform vs. point product debate, cleaning identity data and GenAI security. Continue Reading 
- 
			Highlights from CloudNativeSecurityCon 2024This year's Cloud Native Computing Foundation CloudNativeSecurityCon highlighted cloud-native security issues to its many attendees who don't hold security-focused roles. Continue Reading 
- 
			Be prepared for breach disclosure and a magnitude assessmentOrganizations need to take a proactive approach to monitoring data stores continuously, and in the case of a breach, assess the magnitude quickly and accurately. DSPM can help you. Continue Reading 
- 
			5 key capabilities for effective cyber-risk managementFaced with relentless cyberattacks, organizations need to shore up their cyber-risk management programs by updating legacy tools and checking out new vendor options. Continue Reading 
- 
			CISO advice for addressing cyber-risk management challengesCyber-risk management is simple in concept and difficult in practice. CISOs weigh in on some potential ways to reign in the chaos, educate executives and mitigate cyber-risks. Continue Reading 
- 
			CrowdStrike chaos casts a long shadow on cybersecurityAs organizations recover from today’s outages, the cybersecurity industry will need to develop new security software evaluation criteria and requirements and learn to parlay risks. Continue Reading 
- 
			Is today's CrowdStrike outage a sign of the new normal?A CrowdStrike update with a faulty sensor file has global implications for Windows systems. But competitors need to limit the finger-pointing in case it happens to them. Continue Reading 
- 
			CISOs on how to improve cyberthreat intelligence programsOrganizations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response. Continue Reading 
- 
			AWS makes strong case for its security advantages at re:InforceAt re:Inforce 2024, AWS shared details of its secure-by-design measures to protect customer data. Continue Reading 
- 
			Identiverse 2024: Key takeaways in identity securityThe 2024 Identiverse conference addressed identity access management challenges, AI's ability to streamline IAM workflows and nonhuman identity management for identity pros. Continue Reading 
- 
			Dell Technologies World was all about AI; what about security?At Dell Technologies World 2024, Dell made it crystal clear that it is all-in on AI, but the company must also emphasize the importance of cybersecurity. Continue Reading 
- 
			RSA Conference wrap-up: The state of cybersecurity disconnectThe cybersecurity industry isn't prepared for massive changes in play. It needs to focus more on the mission rather than cybersecurity technology widgets. Continue Reading 
- 
			RSAC 2024: Infosec pros battle to stay ahead of the bad guysThis year's RSA Conference strived to inspire IT professionals to be pragmatic with generative AI tools while using the latest technologies to bolster security. Continue Reading 
- 
			10 risk-related security updates you might have missed at RSACAI was a prominent theme at RSA Conference, but many security vendors also delivered risk-focused capabilities to help infosec pros better manage their risk posture. Continue Reading 
- 
			3 reasons Synopsys is selling its app security businessSynopsys is selling its application security business to a private equity firm. Analyst David Vance explains why, as well as what it means for the industry. Continue Reading 
- 
			5 key takeaways from RSA Conference 2024At RSA Conference 2024, the infosec industry showed their efforts to push forward in AI and to fill gaps that should help security practitioners do their jobs more effectively. Continue Reading 
- 
			AWS to protect its cloud using CrowdStrike security productsAWS is replacing a variety of security products with the CrowdStrike Falcon Platform to further secure applications and data on its cloud. Continue Reading 
- 
			Security updates from Google Cloud Next '24 center on GenAIGoogle has infused Gemini into its security tools and while GenAI isn’t going to solve every security problem right away, its assistive capabilities save much needed time. Continue Reading 
- 
			RSAC 2024: Real-world cybersecurity uses for GenAISecurity pros can expect a lot of buzz around GenAI at RSA 2024, where vendors and experts will share how the latest generative AI tools can enhance cybersecurity. Continue Reading 
- 
			Optimize encryption and key management in 2024Enterprise Strategy Group research highlighted the encryption challenges enterprises face, including lack of encryption, cryptographic infrastructure inadequacies and more. Continue Reading 
- 
			5 trends in the cyber insurance evolutionAs cyber insurance companies evolve, they will wield more power throughout the industry. Check out five areas where cyber insurance trends are changing the cybersecurity market. Continue Reading 
- 
			Identity, data security expectations for RSA Conference 2024Security practitioners can expect to hear about key issues at this year's RSA Conference, including identity and data security, AI and DSPM. Continue Reading 
- 
			5 areas to help secure your cyber-risk management programTo meet the challenges of managing cyber-risk, organizations need to have a cyber-risk management plan in place. Look at five areas to better secure your organization's assets. Continue Reading 
- 
			Top 6 data security posture management use casesData security posture management is a top 10 security issue for 2024, according to research. Check out the top six use cases for DSPM and weigh in on other possibilities. Continue Reading 
- 
			Surprising ways Microsoft Copilot for Security helps infosecMicrosoft Copilot is the first of many GenAI tools that should help security leaders accelerate their program development and strengthen security postures. Continue Reading 
- 
			Cloud detection and response is, and will stay, a team sportCISOs should push for federated technologies, common processes and formal communications between teams to ensure cloud detection and response is effective and efficient. Continue Reading 
- 
			Threat intelligence programs need updating -- and CISOs know itMost enterprise threat intelligence programs are in dire need of updating. Security executives need to formalize programs, automate processes and seek help from managed services. Continue Reading 
- 
			Why companies need attack surface management in 2024The attack surface is in a constant state of change and growth -- which is bad news for cyber-risk management. This vulnerability needs to be addressed. Continue Reading 
- 
			Cloud threat detection and response priorities for 2024To improve cloud detection and response, security pros need to get closer to cloud applications and software development processes. Here's how that can be accomplished. Continue Reading 
- 
			Application security consolidation remains nuancedAs web application and API protection converge into cloud-based WAAP, Enterprise Strategy Group research shows enterprise interest, but security concerns remain. Continue Reading 
- 
			Key cybersecurity takeaways from AWS re:InventSecurity was strongly emphasized throughout the AWS re:Invent user conference, with product updates to help companies secure data as they build apps and scale in the cloud. Continue Reading 
- 
			How organizations can learn from cloud security breachesResearch shed light on cloud security breaches. It's time to learn from the past and mitigate these attacks in the future with strong cloud security and posture management. Continue Reading 
- 
			Amazon IAM announcements at re:Invent 2023At AWS re:Invent 2023, Amazon announced several new features around machine and human identities designed to improve identity and access management. Continue Reading 
- 
			5 network security predictions for 2024Check out network security trends for 2024 from Enterprise Strategy Group, from SaaS security and rising DDoS attacks to network and endpoint convergence. Continue Reading 
- 
			Security continues to lag behind cloud app dev cyclesEnterprise Strategy Group research revealed security gaps in cloud-native software development -- issues that should be addressed as soon as possible. Continue Reading 
- 
			Security highlights from KubeCon + CloudNativeCon 2023KubeCon + CloudNativeCon provided valuable insights for security teams supporting cloud-native development, including securing GenAI, platform engineering and supply chains. Continue Reading 
- 
			Research points to 5 ways to improve cybersecurity cultureRespondents to a new Enterprise Strategy Group/ISSA survey offered five key points on how to strengthen an organization's cybersecurity culture. Continue Reading 
- 
			How to overcome the beginner cybersecurity career Catch-22The workforce gap constantly makes headlines, but that doesn't mean breaking into the field is easy. Get advice on how to start on an entry-level cybersecurity career path. Continue Reading 
- 
			Collaborate with third parties to ensure enterprise securityThird-party risk is a major threat today, as evidenced in numerous recent breaches. Organizations must work with partners to ensure their data is protected properly. Continue Reading 
- 
			Cloud-native app security? Ignore acronyms, solve problemsWhen building a cloud-native application security strategy, avoid new acronym and product category confusion. Look for products that effectively address top challenges instead. Continue Reading 
- 
			Cloud-native firewalls are the next step in network securityThe network security challenges associated with cloud provider and virtual firewalls are leading to third parties introducing cloud-native firewalls. Continue Reading 
- 
			SailPoint extends identity security platform with data securityWith DAS, privilege access management, AI and other features, SailPoint moves Atlas from an identity governance platform to an identity security platform. Continue Reading 
- 
			Takeaways from Oktane23: Okta AI, universal logout and moreNew game-changing security features from Okta speed threat detection and response times, enabling IT pros to log all users out of applications during a cyber attack. Continue Reading 
- 
			Transitioning to single-vendor SASE will take timeNew Enterprise Strategy Group research reveals enterprises are interested in single-vendor SASE -- but with multiple tools on hand, the transition will take planning and time. Continue Reading 
- 
			CrowdStrike makes a breakout moveCrowdStrike's annual user conference emphasized the company's future vision for AI, automation and an integrated security IT approach. Continue Reading 
- 
			6 reasons Cisco acquired SplunkA treasure trove of Cisco and Splunk data, AI and analytics can improve cyber-resilience, accelerate threat detection and response, and enable more intelligent networks. Continue Reading 
- 
			Google and Mandiant flex cybersecurity muscle at mWISEEnd-to-end cybersecurity coverage and generative AI could accentuate Google and Mandiant's combined cybersecurity opportunities -- with the right execution. Continue Reading 
- 
			Strong identity security could've saved MGM, Caesars, RetoolThree cyber attacks that featured vishing led to compromised identities, data loss and the interruption of operations. Passwordless authentication could have prevented all three. Continue Reading 
- 
			What to consider when creating a SaaS security strategySecuring SaaS applications is more important and confusing than ever. Consider visibility, UX and workflow when creating a SaaS security strategy and adopting tools. Continue Reading 
- 
			Google Cloud Next focuses on generative AI for securityGoogle discussed its vision for applying generative AI to cybersecurity at its Google Cloud Next conference in August, with announcements about new features and capabilities. Continue Reading 
- 
			Time for an identity security revolutionIdentity needs to be the foundational component of the cybersecurity stack, because attackers are primarily after an organization's data. Continue Reading 
- 
			Identity needs a seat at the cybersecurity tableThe shift to the cloud and remote work, combined with the rise of phishing and other identity-related attacks, puts identity security at the forefront of cybersecurity concerns. Continue Reading 
- 
			Security hygiene and posture management: A work in progressSecurity hygiene and posture management may be the bedrock of cybersecurity, but new research shows it is still decentralized and complex in most organizations. Continue Reading 
- 
			Using defense in depth to secure cloud-stored dataTo better secure cloud-resident data, organizations are deploying cloud-native tools from CSPs and third-party tools from MSPs to achieve a defense-in-depth strategy. Continue Reading 
- 
			For stronger public cloud data security, use defense in depthThe amount of cloud-resident data is increasing -- and so are the number of challenges to sufficiently secure it, especially within multi-cloud environments. Continue Reading 
- 
			AI helps humans speed app modernization, improve securityEnterprises are looking at AI-driven approaches to help human teams modernize and accelerate application development to refactor or build new apps and beef up cybersecurity. Continue Reading 
- 
			How AI benefits network detection and responseInterest in security tools with AI is growing as security leaders uncover AI's potential. One area that could especially benefit from AI is network detection and response. Continue Reading 
- 
			App development trends and their security implicationsEnterprise Strategy Group analysts look at how organizations are modernizing software development processes and how security teams can support the growth and scale. Continue Reading 
- 
			New AWS security tools, updates help IT protect cloud appsAWS released a slew of updates to improve security as IT pros develop and deploy more enterprise applications via public cloud services. Continue Reading 
- 
			Cisco releases new security offerings at Cisco Live 2023At Cisco Live 2023, Cisco emphasized its plans to emphasize security, rolling out a host of new initiatives from secure access to AI-aided security to cloud-native app security. Continue Reading 
- 
			Closing the book on RSA Conference 2023AI, cloud security, SOC modernization and security hygiene and posture management were all hot topics at RSAC in San Francisco this year. Continue Reading 
- 
			Protect against current and future threats with encryptionCurrent and future cyber threats, such as ransomware, generative AI, quantum computing and an increase in surveillance, are driving the need to secure all data with encryption. Continue Reading 
- 
			2023 RSA Conference insights: Generative AI and moreGenerative AI was the talk of RSA Conference 2023, along with zero trust, identity security and more. Enterprise Strategy Group analyst Jack Poller offers his takeaways. Continue Reading 
- 
			Addressing the confusion around shift-left cloud securityTo clarify how shift-left security should work in terms of cloud-based application development, Enterprise Strategy Group analyst Melinda Marks dives deep into the process. Continue Reading 
- 
			Cloud-native security metrics for CISOsAuthor and chief risk officer Rich Seiersen talks about the challenges of securing cloud-native applications and how to use metrics to improve their effectiveness. Continue Reading 
- 
			10 hot topics to look for at RSA Conference 2023RSA Conference 2023 promises another exciting year of cybersecurity discussions and hyperbole. Enterprise Strategy Group's Jon Oltsik shares what he hopes to see at the show. Continue Reading 
- 
			Top RSA Conference 2023 trends and topicsEnterprise Strategy Group's Jack Poller outlines his picks for getting the most out of the 2023 RSA Conference, from keynotes to startups, AI, innovation and more. Continue Reading 
- 
			Why enterprise SecOps strategies must include XDR and MDRAdopting extended detection and response and employing managed detection and response services may be the missing pieces of the SOC modernization puzzle. Continue Reading 
- 
			Research examines security operations proficiency issuesInstead of looking at where security operations teams excel, Enterprise Strategy Group asked security pros where teams are least proficient. Learn where and how to fix it. Continue Reading 
- 
			Accurately assessing the success of zero-trust initiativesZero-trust preparation can be difficult. Measuring how well the model provides security and business benefits after implementation is even more difficult. Continue Reading 
- 
			Top takeaways from first CloudNativeSecurityConTechTarget's Enterprise Strategy Group offers the main takeaways from the first vendor-neutral, practitioner-driven conference for security. Continue Reading 
- 
			DevSecOps needs to improve to grow adoption rates, maturityOrganizations are adding security processes and oversight to DevOps, but there's still work ahead to truly marry cybersecurity with DevOps and create a functioning DevSecOps. Continue Reading 
- 
			6 data security predictions for 2023New tools are proliferating to secure data wherever it lives. Six data security trends -- ranging from AI washing to new data security platforms -- are in the forefront for 2023. Continue Reading 
- 
			4 identity predictions for 2023Identity's place in the attack chain is driving the shift of identity responsibility from IT operations to security to look into passwordless, digital IDs, platforms and more. Continue Reading 
- 
			Understanding the importance of data encryptionEncryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches. Continue Reading 
- 
			5 ways to enable secure software development in 2023Security teams have to help developers ensure security software development, but in today's rapidly scaling cloud environments, it's a challenging task. Continue Reading 
- 
			6 cybersecurity buzzwords to know in 2023Enterprise Strategy Group research indicates many organizations will increase cybersecurity spending in 2023, and with that comes an evolving set of vendor buzzwords to sort out. Continue Reading 
- 
			3 enterprise network security predictions for 2023It's shaping up to be another banner year for network security. 2023 may see decryption-less threat detection, connected home-caused enterprise breaches and new SASE drivers. Continue Reading 
- 
			XDR definitions don't matter, outcomes doDespite remaining confusion about what XDR is, security teams need to improve threat detection and response. ESG research revealed plans for increased XDR spending in 2023. Continue Reading 
- 
			7 steps to implementing a successful XDR strategyThere's still confusion around what extended detection and response is, but it will play a key role in enterprise security. To successfully implement XDR, follow these steps. Continue Reading 
- 
			Secure development focus at KubeCon + CloudNativeCon 2022The pressure is on. It's time for better security that can keep up with modern software developers. That was the message at this year's KubeCon + CloudNativeCon. Continue Reading