Microsoft Acquires Cloud Access Security Intelligence vendor Adallom

Andras Cser

Microsoft is doubling down on its cloud strategy and announced the acquisition of Adallom. Adallom offers transparent, cloud-based monitoring and alerting of cloud application use. It can detect if a user is performing suspicious actions (e.g. downloading the CRM database on a Friday afternoon). This signifies that cloud service provider vendors can no longer only offer IaaS security (see our Wave at https://www.forrester.com/The+Forrester+Wave+Public+Cloud+Platform+Service+Providers+Security+Q4+2014/fulltext/-/E-RES113065 ) but also help with understanding risks around non-sanctioned and sanctioned SaaS applications. Microsoft's success of incorporating Adallom's assets into the Azure portfolio will depend on the following:

1. How well will Azure AD premium work with Adallom?

2. How well will Office 365 work with Adallom?

3. How well  will Azure IaaS work with Adallom?

4. How Adallom will be able to support data protection and encryption?

5. How well Adallom will continue to work vendor agnostically with non-Microsoft IaaS and SaaS envrionments?

We will be publishing a Market Overview on Cloud Access Security Intelligence vendors (including Adallom) in Q3 of 2015. Stay tuned!

Mobile Security Technologies 2015

Tyler Shields

Today, I'm officially kicking off the 2015 version of the Mobile Security Technology Radar and I need your help! 

Mobile security is one of the fastest changing, most dynamic markets that I have ever seen in my life (and I've been around the block a few times). Just when enterprises think they have it all figured out, a new shiny blinking toy is released that promises to secure mobility better than ever before. I began formally tracking the mobile security space for Forrester in the summer of 2013. One of my early reports was the 2013 Mobile Security Technology Radar which I slightly updated in the winter of 2014. Both enterprises and vendors alike responded very positively to these reports, citing the valuable insights that allowed them to predict the movements of a market that changes faster than Katy Perry at the super bowl halftime show.

What isn't always evident in the reports that we write at Forrester is the depth and details in the research we do. For example, the graphic below represents quantified survey results of industry experts, vendors, and customers of mobile device management technologies that offers insite into the market sentiment on MDM solutions in 2013. MDM was a pretty hot technology in the summer of 2013 and the lack of red market sentiment helped us predict that this technology would thrive in the near future (see graphic below). Things really get interesting when we have year over year trending data to help us gain additional insite into the future market movements.

Read more

Forrester’s Security & Risk Analyst Spotlight – Nick Hayes

Stephanie Balaouras

He declined to live tweet his upcoming wedding from the altar, but there is no doubt that Nick Hayes is the social media expert on Forrester’s S&R team. He has extensive knowledge of the security, privacy, archiving, and compliance challenges of social media, as well as the technical controls used to address them. He also specializes in the tools that monitor and analyze social data to improve oversight and mitigation tactics of myriad reputational, third-party, security, and operational risks. He is certainly aware of the reputational risk of staring at your cell phone when you’re supposed to say, “I do”, but maybe if you follow him (@nickhayes10), you might get lucky with a pic or two -- and some good risk thoughts to boot.

Read more

How To Go From Dinosaur To Eagle - Or Risk Being The CISO That Got Hit By The Comet

Peter Cerrato

Peter Cerrato is a principal consultant for Forrester's Business Technology consulting practice.  

A very strange and sudden thing happened 66 million years ago. A comet crashing into the Mexican Yucatan peninsula near Chicxulub put an end to the long reign of the dinosaurs. But not so fast. We now know that some of those dinosaurs survived the massive Cretaceous-Tertiary extinction event: the smaller, faster, feathered and headed-toward-warm-blooded early ancestors of our eagles and hawks.

(source: http://www.newscientist.com/special/living-dinosaur-bird)

Read more

Some vendors just cannot let go of their "precious appliances!"

Rick Holland
We just published my latest research, the Forrester Wave: SaaS Web Content Security, Q2 2015. Forrester categorizes web gateways/forward proxies into this web content security category. I did something different with this evaluation, instead of looking at on-premise appliances; I only evaluated the SaaS deployment model. If a vendor didn't have a SaaS delivery model, we didn't include them in the Wave. 
 
The decision to focus this wave on the SaaS model, wasn't popular with some of the vendors we evaluated. The majority of vendors who sell web proxies lead with the on-premises delivery model and relegate SaaS to a niche deployment option. As users, their endpoints, and their applications move outside the perimeter and into the cloud, the traditional web gateway model is being disrupted; yet many vendors are still very attached to their appliances.  Instead of evaluating a very mature on-premise market, I wanted to focus this Wave on the future.

Read more

The State Of The Cyberthreat Intelligence Market

Rick Holland

If the RSA Conference was any indicator, threat intelligence has finally joined the ranks of cloud and advanced persistent threat as ambiguous/overused terms that mean many different things to many different people. If you were given a dollar, pound or euro every time you heard "threat intelligence," there is no doubt you could fund your security budget for decades to come. Your biggest challenge would be determining how to invest some of that money into threat intelligence capabilities.

To help Forrester clients navigate the threat intelligence market I have several pieces of research underway. The first report, "The State Of The Cyberthreat Intelligence Market" has just published. In it I discuss the frenzied venture capital and vendor investment in the threat intelligence space.  I also provide guidance on how security and risk professionals should navigate the marketing hype to make the best investment of their limited resources. I am currently writing the second report "Market Overview: Threat Intelligence Providers." Here is a snippet from the latest research that illustrates just how much vendor focus we have seen. Since October of 2014:

\

  • There have been three acquisitions and eight fundraising rounds.
  • iSight Partners (Critical Intelligence) and Lookingglass (Cloudshield) have each raised funds and made an acquisition.
  • Of the acquisitions, only one company publicly disclosed the acquisition amount: $40 million (Proofpoint.)
  • The eight fundraising rounds raised a total of $102.5 million dollars.
Read more

Forrester's Security & Risk Research Spotlight -- Don't Let Cloud Go Over Your Head

Stephanie Balaouras

With great convenience comes great responsibility...

Once a month I use my blog to highlight some of S&R’s latest and greatest. The cloud is attractive for many reasons -- the possibility of working from home, the vast array of performance and analytical capabilities available, knowing that your backups are safe from that fateful coffee spill, etc. Although the cloud is not a new concept, the security essentials behind it unfortunately remain a mystery to practically all users. What’s worse, the security professionals tasked with protecting corporate data rarely have visibility into all the risk -- it’s simply too easy for users to make critical cloud decisions without process or oversight.   

Underestimating or neglecting the necessary security practices that a cloud requires can lead to hacks, breaches, and horrendous data leaks. We’ve seen our fair share of security embarrassments that range from Hollywood execs to the US government, and S&R pros know that these are far from done.

Read more

Samsung keyboard bug highlights vulnerability of passwords

Andras Cser

Here's a new exploit on Samsung Galaxy S4, S4 and S6 Swiftkey: remote code execution is possible which can lead to root access to the device, data loss, password sniffing and keylogging, Man-in-the-Middle attacks and compromised passwords. Another reason why we need to think about 'What's beyond passwords?'. We will shortly publish a report on this topic. Stay tuned.

The FCC is the Most Powerful Privacy Regulator in the Land...What Will Happen Next?

Renee Murphy

Since the bulk collection of telephone metadata began, the NSA has been keeping those records in a vast database and maintaining and querying that data for 5 years before being required to purge it. Now that the data will be back in the hands of the telecom companies, the Federal Communications Commission’s regulations will determine the retention of the metadata.

Prior to the 1980's, the FCC retention schedule was 6 months, but in the 1980’s, during the war on drugs, the Department of Justice asked the FCC to change that requirement to 18 months to make it easier to get RICO convictions for the drug cartels and the FCC complied. Since then, telephone data has been used to convict many organized crime syndicates with great success. Now that the NSA is also an agency that would like access to the same data that they FBI has been using since the 1970’s, will they ask the FCC to maintain the data for five yeas as they had been?

Read more

Market Overview: Cloud Workload Security Management Solutions — Automate Or Die

Andras Cser

Today, not moving workloads to the cloud is not an option. Leaving these workloads not secured is also not an option.

However, managing workloads within and across Infrastructure-as-a-Service cloud service providers, we find that S&R professionals struggle with ensuring that their cloud workloads (guest operating systems and data on those operating systems) are secure. Why? Because S&R must ensure that installation and setup bootstraps with the right security and network configuration. They must control access to workloads as well as management consoles, file and configuration integrity, intrusion and endpoint protection. Manual management is simply not an option, you either automate security hardening for a large number of workloads or "die", i.e. fall victim to a breach.

Enter a new class of solution to offer a solution to this problem: Cloud Workload Security Management Solutions. These offerins  typically install a small agent on endpoints, connect these agents to a central service (available as SaaS or on-premises product) then offer centralized management of all the above cloud workload security aspects.

Our CWS market overview looks at and compares the features and company profiles of the most important vendors in this space.

https://www.forrester.com/Market+Overview+Cloud+Workload+Security+Management+Solutions+Automate+Or+Die/fulltext/-/E-RES121266