Frankly Speaking, 7/23/19 - Security in the "Digital Transformation" world
A weekly(-ish) newsletter on random thoughts in tech and research. I am an investor at Dell Technologies Capital and a recovering academic. I am interested in security, blockchain, and devops.
If you were forwarded this newsletter, you can subscribe here, and view old newsletters here.
I'm finally getting some time to breathe and do more writing. Seriously, I've talked with all my VC friends, and summers not chill at all. Anyway, I'm trying to keep a better cadence of making sure I do this weekly or have no more than 2 weeks go by without a Frankly Speaking of some sort.
To ease my life a bit, as an experiment, I'm going to combine my Weekly Tech Thought and Let's Be Frank, meaning there will only be one section instead of two. Having to produce only one section will hopefully allow me to focus on creating high quality content and keep a weekly cadence.
Feedback is always appreciated on whether this is working or not! I'm taking a page out of our startups' playbooks, and experimenting with new sections.
Finally, I want to congratulate Dell Tech Capital portfolio company, Barefoot Networks*, for being acquired by Intel and also Elastifile* for being acquired by Google*. That puts us at 5 exits this year alone (Cylance, CloudEndure, and Twistlock being the other 3). Wow, what a year we're having!
With that said, I'll be at Blackhat if anyone wants to meet up. Just send me a note or come say hi as I wander the halls of Blackhat playing Infosec bingo....
LET'S BE FRANK
I discussed my frustrations around the term "Digital Transformation" and its ambiguity. To recap, what people are trying to say is that the IT infrastructure of legacy companies are changing, and new companies have different IT strategies. Namely, legacy companies are moving to the public cloud as well as new companies are starting cloud-first and slowly moving to private cloud. The "digital transformation" captures that phenomenon as well as all the consequences of that, such as Kubernetes, software-defined networks, new types of storage, etc.
Anyway, what does this mean for security? Short (and indirect) answer: This is great for security. This is why we are seeing so much activity in security and so many acquisitions by legacy security providers like Palo Alto Networks, trying to reinvent themselves in the new world.
At a very high level, the changes in IT infrastructure allow organizations to "reset" their security strategy. Organizations are no longer stuck with their legacy solutions or compatibility with them. In the public cloud, they can get a fresh start on their security strategy, which is, of course, good and bad.
Consider firewalls. In the past, firewalls were easily installed because they were a box that you plugged into your datacenter. In the public cloud, you can't plug in a box. Organizations have to think of a new strategy. This is good for security, but it's tough for older generation security experts to think about because it's just a different mindset. You don't have access to infrastructure, and you have less control. Moreover, many cases, you have a hybrid cloud infrastructure and new stacks, like Kubernetes. That's probably why Crowdstrike is doing pretty well!
As a result, cloud security companies are widely successful by doing somewhat simple things like Redlock* by taking a lot of private cloud security principles and helping find a way to "port" them into the public cloud world. This security strategy "reset" does give a lot more flexibility to security practitioners around managing their strategy in this new cloud world, but it also creates more problems. However, I think a big part of the security boom is because of this IT infrastructure shift, which makes sense. Security is almost always reactive to an IT trend.
TWEET OF THE WEEK
Honestly, this Twitter account is gold. I probably can just have all my Tweets of the Week come from this account.
CURRENTLY READING
"Locking Up Our Own: Crime and Punishment in Black America" by James Forman, Jr.
I just started this book, which won the 2018 Pulitzer Prize for General Non-Fiction. So far, it's a very well-written and well-researched study about how we became a culture of mass incarceration, especially of African Americans.