
Cybersecurity Summer-to-Date 2024 Monthly Market Snapshot Report

What Happened This Month: This summer has been marked by a series of technology, product, and market news that reflect how quickly the threat landscape is changing, and how organizations need to evolve in kind. This includes the tools for security and resiliency, as well as how people and processes need to be adapted.

Technology Developments

What? AWS re:Inforce, the company’s annual cybersecurity conference, highlighted the importance of investing in security fundamentals and innovation, fostering collaboration and cross-toolchain integration, and protecting AI applications.

  • Why? Organizations must prioritize security, focusing on core fundamentals and innovations in threat detection, incident response, and forensics. As generative AI applications are entering the production phase, they pose unique development and deployment challenges.
  • What It Means: Although the 2023 re:Inforce show focused more on the basics of the shared responsibility model for security in the cloud between cloud providers and customers, 2024 represented more sophisticated discussions around organizational roles, resiliency tools, and AI application protection, reflecting the evolving security market.

What? Druva launches a managed data detection and response service, marking a trend of data protection companies expanding not only into helping to prevent and detect attacks, but also supporting incident response – akin to Veeam’s April 2024 acquisition of Coveware.

  • Why? Data protection software has extensive visibility and, in many places, has cataloged backup copies. This visibility enhances security incident detection and response. Integration with backup systems and automated workflows reduce manual tasks and human error during critical situations.
  • What It Means: Data protection companies will continue expanding beyond strictly data backup and recovery and replication. This includes becoming more preventative, with earlier detection of attacks, and also helping IT Operations and Security teams to navigate the complicated process of recovering.

New Products or Services

What? Veeam launches its Data Cloud Vault and, in partnership with Lenovo, TruScale Backup with Veeam offerings. Veeam Data Cloud Vault is a Veeam-delivered cloud-hosted storage service that allows encrypted and immutable backup copies to be stored in a logically air-gapped storage environment. Lenovo TruScale Backup with Veeam is a scalable Backup as a Service solution that provides data protection and ransomware recovery. This service combines Lenovo ThinkSystem servers and storage with Veeam’s backup technology, offering a cloud-like experience on-premises.

  • Why? IT Operations teams are strapped for headcount and time resources, increasing the difficulty of managing complex multi-hybrid cloud environments. At the same time, the increasingly sophisticated and rapidly evolving threat landscape necessitates unprecedented levels of security.
  • What It Means: Storage and data protection delivered as-a-service will continue to grow in popularity among customers. However, the overall total cost of ownership (TCO) must be carefully evaluated, given the dynamics that impact overall cost-effectiveness. Additionally, IT Operations teams remain wary of treating cloud-hosted data vault options as a true air gap, and for good reason, as there are potential inroads that hackers can use. These too warrant a close evaluation.

What? Commvault announces four new cyber-detection and recovery capabilities to be available in 2Q 2023: Commvault Risk Analysis, Threat Scan, and Auto Recovery (all available standalone or as a part of a Commvault solution bundle), as well as the ThreatWise Advisor capability. It is also furthering integration with CyberArk and Microsoft for identity and access management (IAM) and security incident and event management (SIEM) capabilities.

  • Why? Data protection is evolving to include cyber-resiliency, recovery mechanisms, and security, alongside core backup and operational recovery functions. Enterprises should include not just Protect and Recover but also Identify and Detect, per the NIST Framework.
  • What It Means: The landscape of data protection is evolving beyond backup and recovery functions. Commvault is enhancing its cyber-resiliency and active defense through its ThreatWise solution, leveraging intelligent ML and threat detection to proactively identify and remediate threats. Additionally, Commvault is enhancing its portfolio with risk analysis, threat scanning, and auto recovery features, further strengthening its cyber-resiliency functionality. The integration of security partner ecosystems, such as Microsoft’s Sentinel SIEM tool and CyberArk, underscores cyber-resiliency efforts to combine data protection, threat detection, and security measures for business continuity and minimizing potential risks.

What? Infinidat introduces a new cyber-resiliency solution, its InfiniSafe Automated Cyber Protection (ACP), to integrate with Security Operations Centers (SOC), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) applications. This would allow security-related incidents to trigger InfiniBox and InfiniBox SSA systems to immediately take an immutable data snapshot.

  • Why? Allowing for a snapshot to be automatically taken the instant potentially nefarious activity is detected allows for faster response to cyber attacks. This enables IT and Security teams to keep up with evolving threats and mitigate data loss.
  • What It Means: By facilitating immediate action, the ACP solution minimizes data corruption and exfiltration, reduces downtime, and improves business continuity. The ability to reduce reliance on manual intervention minimizes the potential for human error.

Market Developments

What? CrowdStrike pushes a misconfigured software patch update that triggered a “blue screen of death” (BSOD) on Windows hosts running the Falcon sensor, rendering them inoperable. Organizations heavily reliant on CrowdStrike for endpoint security were most affected.

  • Why? In the realm of cybersecurity, patches and updates are a daily necessity and critical to inhibiting malicious access to critical infrastructure. However, on July 19, 2024, the faulty update for CrowdStrike’s Falcon sensor, which was designed to address security vulnerabilities, contained a misconfiguration and resulted in widespread havoc.
  • What It Means: This incident underscores the critical reliance on IT systems and the importance of robust, fail-safe patching and update processes. The resulting damage was so extensive because CrowdStrike Falcon requires privileged kernel access to conduct a number of its key functions. This low-level access expands the potential attack surface, and as we have witnessed, even a simple bug in a patch update can inflict serious damage that can spread like wildfire given the ever-growing incidence of automation and software-defined architectures. It highlights the need for meticulous testing and validation of updates before deployment, as well as the importance of diversity in technology stacks for greater security and resilience. The outage underscores digital infrastructure vulnerabilities, urging businesses to reevaluate IT strategies and increase security budgets.

What? The Futurum Group fielded its inaugural Cybersecurity Decision Maker IQ data, surveying 841 decision makers who influence the purchase of cybersecurity products and services within their enterprise. The targeted respondents were IT managers or individuals working in the office of the CISO or the CIO. Key findings include:

    • More than half of organizations plan to add a new cybersecurity vendor, and 45% plan to add a new cybersecurity product category, in 2024.
    • Nearly 80% of organizations plan to add new cybersecurity vendors to enhance their existing cybersecurity environment and address the evolving threat landscape.
    • Among the respondents who do not plan to add a new vendor, more than 80% indicated an intent to invest more in their existing cybersecurity vendors.
    • More than 90% of organizations need to deploy cybersecurity tools, software, and services faster when compared with 3 years ago—with more than half needing to move 50% faster or more.
    • All products were being used by at least 45% of respondents, but the top three were Cloud Network Security (79%), Network Security (77%), and Data Protection (75%).
  • Why? The increase in severity and sophistication of attacks requires organizations to evolve and innovate in their approach to security.
  • What It Means: Organizations face vastly expanding potential attack surfaces. It is critical to inventory assets, and vendors are integrating automation and AI into their tools to help IT and security teams assess risk and prioritize actions. The pressing requirement now is to empower these teams to up-level, scale, and respond quickly to critical vulnerabilities and incidents, focusing on data security and implementing a Zero Trust approach.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Author Information

Krista Case

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.
