TheInfoPro

Written by Daniel Kennedy, Research Director for Information Security

Cisco is having an interesting year, attempting to shave $1 billion of expense through layoffs and asset sales while beating both its own and Wall Street’s predictions of earnings as announced Nov. 9. At halfway through our Wave 9 Networking Study of enterprise networking environments, it is clear that Cisco continues to retain its prominence. The company has already jumped out to a 25% lead among vendors that respondents are excited about, and has a healthy 37% of respondents planning to spend more on its products in 2012 than they did in 2011 (vs. 21% reporting decreased spending). In terms of vulnerability, 7% of respondents report that they are definitely considering a switch off Cisco, which ties with Juniper (also at 7%) and easily beats Hewlett-Packard, where 18% are working out a switch.

Reflecting on Cisco’s continued entrenchment in enterprise environments, as well as its prominence in in plan implementations over the next year and a half, the question arises: can anyone unseat Cisco as the dominent networking provider? TheInfoPro asks just that question in its latest study, and finds the answer is largely “no”:

Digging into the preview data, in a number of categories with significant growth potential, Cisco is the leading in use vendor. For example, with 10 Gigabit Ethernet rollouts, 33% have upgrades to their core network in their plans, and 26% report the same with server upgrades. In both cases Cisco is the lead in plan vendor. Similarly, with the hottest technology in the voice and video category, Unified Communications, which figures into 39% of respondents’ plans, Cisco maintains its leadership as the top in use vendor, but in this case has the possibility of being passed by Microsoft.

A sampling of narratives gathered thus far on Cisco reflects the mixed sentiment users have similarly expressed in the past:

• “We are a Cisco shop, but we will look at other vendors and even some appliances to address performance issues.”
• “Cisco is always cutting edge, in my opinion. They are capturing market share in addressing application performance in a distributed networking environment.”
• “Cisco is our vendor of choice. Overall, they continue to perform as we continue to grow. They have great technical support, especially when we hit complex issues. They are not as responsive to the competition as they could be. I would like to see Cisco in a more aggressive posture against some of the smaller emerging vendors.”
• “Cisco has a great technical staff, great support and sales. Cisco is the leader in this space, no doubt. Cisco has more ways to lose an order. If you get to the right person their knowledge base is extreme, it is just getting there.”
• “Cisco is ‘losing it’ right now. They have not done a good job in delivery, pricing and bill of materials. Cisco sold us the wrong licenses and they could not explain what happened. They are trying to go into too many directions at one time, they need to find the right path and get on it!!!! The products are solid and they work, at least at the router and switch level.”

Of course we’ll have a more complete picture of what’s happening with Cisco in the enterprise at the close of our Wave 9 Networking Study.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

2012 Information Security Forecasts – Who Will be the Winners & Losers?
Wednesday, December 14, 2011 2:00 PM – 2:45 PM EST

Replay Link: 2012 Information Security Forecasts

Some of the key trends we will be discussing from our Information Security study are:

Information Security spend is strong with many diverse drivers:

• Directionally for 2012, Information Security Professionals are not planning a slowdown. Thirty-seven percent are planning an increase in spend, with 16% planning a decrease.
• Thirty-nine percent are spending more in 2011 vs. 2010, and only 15% are spending less – showing the resiliency of the market in challenging economic times.
• In the one-on-one interviews, decision-makers detailed compliance, mobile devices and preventing data loss as the drivers for spending increases.

Data Leakage Prevention (DLP) and Application-Aware Firewalls are products on
the move:

• Data Leakage Prevention (DLP) resides in the top spot of TheInfoPro’s proprietary Information Security Technology Heat Index™, which gauges immediacy of planned implementation for 40 technologies, as the G2000 look to protect custodial and intellectual property data from leaking out of their environment.
• The traditional antivirus vendors, Symantec (SYMC) and Intel’s (INTC) McAfee, look to benefit with rollouts of both endpoint and network DLP on tap.
• Application-Aware Firewalls make a nice jump in the Heat Index, with Palo Alto and Check Point (CHKP) benefiting from the 28% of in-plan implementations.
• Palo Alto will be a vendor to watch as it is beginning to replace some of the major incumbent providers with its application-visibility-based approach.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Marco Coulter, Research Director for Storage

This Thursday’s TIP is based on a real-time update extracted with 71 in-depth interviews complete. The great thing about having a study in the field is correlating the data against current events. As global economic turmoil was in the headlines, we asked whether budgets had been adjusted since the start of this year.

With 75% seeing no change to budget, any economic uncertainty is not likely to have impact on storage spending until 2012. Most storage professionals have their budget for the rest of the year approved, and plan to spend it.

The 14% with increased spending and 11% for decreased are normal. They reflect the usual unexpected projects gaining approval or facing rejection:

• “They always ask for cuts during the year, but then we ask for new projects and it seems to balance out.” – storage pro at a large-enterprise industrial/manufacturing company
• “We had some budget savings, but no mandate to cut the budget.” – storage pro at a large-enterprise company

Next time, we’ll look at vendor spending in the fourth quarter.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Daniel Kennedy, Research Director for Information Security

At an information security leadership conference years ago, the debate topic was raised: “Who should the information security head report to?” A number of different reporting structures were represented at the table, and each security lead made his or her impassioned argument as to why it was best that security be situated in IT, legal, compliance, finance, audit, or other arrangement.

To hear it as well as sources in the information security trade press, you would assume there is little alignment organization to organization as to where the information security department sits. Here as with many similar questions, TheInfoPro has an advantage; we can simply ask a critical mass of security managers where information security sits in the organization, to see where the org chart’s evolution is taking us. The response: It is still information technology.

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

Information Security Division

Perhaps concerning, only 70% of enterprises identify information security as its own department within the organization, which one can extrapolate to there being 30% of firms where there is no single dedicated security resource in place. Ninety-two percent (92%) situate information security somewhere within IT, whether it is reporting directly to the chief information officer (CIO), 36%, or the head of IT, 20%, or buried further down the IT management food chain. Of the 8% outside of IT, popular repsonses for who security officers report into included the head of compliance, the COO, internal audit, or to a head of risk management.

Respondents provided the following comments illustrating where the security role fits within their organizations:

• “This is difficult for me to answer. If you count heads, the answer is yes, but of all the people doing security work, do they all fall under security? No. It’s tough to answer this without potentially skewing the data.”
• “Yes – within IS, there are five departments: network services, clinical systems, business operations, and executive info systems, IT governance.”
• “We are part of infrastructure management org, which is part of the business process organization. This will change when we name a CISO, who will report directly to the CIO. We will be a separate function from IT and infrastructure management.”
• “CIO, he is also the CISO.”

Included in this narrative is the final bullet above, which illustrates the somewhat common, but nonetheless dubious arrangement, where the same person is responsible for both IT management and information security. I say dubious because clear separation of duties issues emerge in such an arrangement, where the yin of wanting to deliver on IT projects is not balanced properly against the yang of considering those implementations in a security risk management context, which frequently adds additional requirements and may even close off certain paths of implementation based on incurring too great a risk to the enterprise.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Sean Hackett, Research Director for Cloud

Most of the CIOs and IT decision-makers that we speak to are mainly focused on building architectures for private, public or hybrid clouds. However, what happens once the cloud architecture is built?

Unified cloud management – or the ability to manage disparate internal virtualized and cloud platforms in a holistic fashion – will be increasingly critical in the future. In addition, a unified cloud management strategy will be a requirement for many of the mission-critical applications that today’s Fortune 1000 rely on for their core business.

Results from our Wave 2 Cloud Computing Study show that few have confidence that management vendors can deliver on such functionality today. Fifty-three percent (53%) of respondents say that they are minimally or not at all confident that unified cloud management solutions are available today. But there is a light at the end of the tunnel, and guess what? It’s not a freight train. When respondents were asked about their confidence in finding unified cloud management solutions two years from now, their confidence increased dramatically: Only 13% said they were minimally or not at all confident that such solutions would exist in two years.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky