EMA Blog: Business Intelligence and IT Management

Articles proclaiming the death of CMDB started appearing with regularity as early as 2010. Cloud was named as the likely killer. The problem with this bit of folk wisdom is that it isn’t true.

EMA experience and field research consistently find that CMDB use not only continues but is on the rise. In a 2022 EMA initiative on the rise of ServiceOps, 400 global IT leaders stated that CMDB use was central to major functions. For many of those respondents, CMDB use was viewed as increasing in importance for automation of complex processes.  

Where is the disconnect?

The stage was set, the players were ready, and Black Hat USA 2023 delivered a cybersecurity spectacle that left no doubt—this was a game-changing event. As we unpack the highlights, one overarching theme emerges: a united front against ever-evolving threats. From generative AI to cloud security and a glimpse into the future of defense, this year's conference illuminated the power of collaboration and innovation. Amidst these pivotal discussions, one revelation—the TETRA:BURST vulnerabilities—took center stage, leaving an indelible mark on the field.

Last week, I had the privilege of attending ConnectWise’s IT Nation Secure conference. The three-day conference focused on managed service providers (MSPs) – specifically, how those MSPs can better secure and protect small businesses and midmarket companies. If you haven’t attended this conference in the past but have attended others, I highly recommend attending the ConnectWise IT Nation Secure conference due to the unique perspective they provide for the cybersecurity industry.

The 2023 RSA Conference was one of the largest and most impactful cybersecurity events of the year. The conference brought together a large number of exhibitors, training sessions, and sponsor briefings and generated a lot of buzz on social media platforms, such as Twitter and LinkedIn. We took some time to analyze the data from social media and the conference and found some interesting trends.

To celebrate Star Wars Day, I thought I would share a few ways in which the Empire did not adhere to information security best practices, and that enabled the Rebels to win.

To be clear: I do not support the Empire, the Sith Lords, or any other types of scum and villainy. Nor am I trying to portray the Rebel Alliance as a weird, Force-wielding, Galactic hacker consortium or something. But had the Empire not been so lax in their security controls, Emperor Palpatine and his buddies might have been able to bring their “order and peace” to the galaxy.

A working definition: ServiceOps is a technology-enabled approach to unifying IT service and IT operations management for excellence in delivery of digital business services.

Although the two teams have different charters and skillsets, IT service and IT operations are inextricable. There is no service without effective IT operations.

This is a sponsored blog post.

With most companies now operating in multiple cloud providers, network and security complexity are increasing. For instance, 96% of multi-cloud enterprises are using more than one networking vendor across their cloud estates, according to new research from Enterprise Management Associates (EMA).

Seemingly every day, we hear about the next batch of layoffs from the household-name tech companies: 10,000 here, 1,700 there. As we continue into earning seasons for these publicly traded (and some not publicly traded) companies, we will likely hear more. The substory is that unemployment is at an all-time low, with the job market adding over 500,000 jobs in January. 

As of January 2023, Over 194,000 Systems on Internet Still Vulnerable to Heartbleed

The Bleeding Heart of the Internet

In April 2014, the Heartbleed vulnerability was publicly disclosed, sending the information technology world into a panic and rushing to patch this critical vulnerability in OpenSSL, which was allowing the theft of information directly from the memory of vulnerable systems, including private keys and other secrets. This vulnerability featured extremely easy exploitation by attackers, leaving no trace of attacks. Heartbleed ultimately resulted in many late nights for most of the information technology industry, who worked to implement and validate patches for open and closed source products that have integrated the OpenSSL libraries – which accounts for an extremely large percentage of technologies connected to the internet.

The WAN edge is becoming more distributed and dynamic, which is overburdening IT organizations that are already at a breaking point. Software-defined WAN technology has solved some of the issue, but they haven’t gone far enough. The cloud, the Internet of Things (IoT), and the work-from-home (WFH) revolution demand something more.