IDC Corporate USA - Experts & Thought Leaders

WatchGuard® Technologies now announced the WatchGuard Zero Trust Bundle – a streamlined solution that finally makes zero trust achievable for organizations of all sizes. For years, businesses have struggled to piece together identity, endpoint, access, and network tools, creating high costs, operational friction, and daily disruption. The WatchGuard Zero Trust Bundle solves this by unifying these capabilities into a simple, continuously validating, cloud-delivered framework. The launch comes as attackers are increasingly targeting both identities and endpoints. WatchGuard’s latest Internet Security Report shows evasive malware up 40% quarter-over-quarter and 70% of malware now delivered over encrypted channels, making traditional controls less effective. These trends highlight the need for continuous identity checks, device validation, and session-level enforcement working together, not as separate tools. WatchGuard’s FireCloud Total Access Organizations have pursued zero trust for more than a decade, but it has remained difficult to build and often disruptive to business. Building on WatchGuard’s recent launch of FireCloud Total Access, which modernises secure access through a cloud-delivered approach, the Zero Trust Bundle offers a practical, deployable path to zero trust without the complexity or overhead of legacy enterprise solutions. “This is our first powerful step into unifying zero trust and modernising network security,” said Andrew Young, chief product officer and senior vice president of product at WatchGuard. “Zero Trust works when tools work together. Our Zero Trust Bundle unifies identity, device, access, and XDR so our partners can deliver stronger security and scalable services. Over time, our zero trust story will extend directly into the network stack itself, creating one continuous, adaptive security model.” Zero Trust simplified: What’s included in the bundle The WatchGuard Zero Trust Bundle brings identity confidence, device integrity, and secure access together in a single, cloud-delivered architecture that can be deployed with minimal overhead. A single purchase delivers the complete zero-trust solution, and a single agent deploys it seamlessly across the environment. Key components include: Total Identity Security – Adaptive MFA, SSO, risk scoring, and Dark Web Credential Monitoring to identify exposed credentials early EPDR (Endpoint Protection, Detection & Response) – Continuous device health checks, automated prevention, and Zero-Trust Application Control FireCloud Total Access – Cloud-delivered FWaaS, SWG, and ZTNA replacing VPNs with fast, context-aware access WatchGuard’s identity foundation These solutions operate through WatchGuard Cloud and ThreatSync XDR, which together deliver unified correlation, automated containment, simplified licensing, automation, and multi-tenant operations for MSP efficiency – all governed by a continuously validating Zero Trust Control Plane. A key enhancement to WatchGuard’s identity foundation is Dark Web Credential Monitoring. Built into AuthPoint Total Identity Security, this feature extends zero trust earlier in the authentication process by proactively checking for compromised credentials before attackers can use them. Available to the SME and MSP segments “WatchGuard’s architecture stands out because its identity, device trust, and session enforcement capabilities function natively through a single, consolidated control plane,” said Pete Finalle, research manager for IDC’s Security and Trust practice. “This level of cohesion creates a better together story that is not typically available to the SME and MSP segments, and is a significant advancement in bringing zero trust to a broader audience.” Clear, immediate value for organizations and MSPs The Zero Trust Bundle delivers enterprise-grade outcomes without enterprise-grade complexity: Accurate, risk-based access decisions Hardened devices kept in a known-good state Secure access without VPN bottlenecks Faster containment with unified signals A profitable, repeatable service model for MSPs Zero trust maturity “By bringing identity protection, device validation, and access control into one framework, WatchGuard makes zero trust something we can deploy quickly,” said Felicia King, vCTO/vCISO of QPC Security. “It strengthens the security outcomes we deliver to clients without adding complexity.” The Zero Trust Bundle replaces the legacy Passport offering and provides a scalable, modern path for advancing zero trust maturity with minimal friction.

Teleport, a pioneering provider of identity security solutions for engineering and infrastructure teams, has been named an IDC Innovator in the IDC Innovators: Security for Agentic AI, 2025 (doc # US53737325, September 2025) report. According to the report, “Teleport brings a pragmatic approach to securing agentic AI by embedding AI identity and access controls directly into its Infrastructure Identity Platform. For CISOs navigating the complexity of AI adoption, this means AI agents are governed with the same rigor as human and machine identities — no bolt-on solutions and no new silos.” AI-specific tools “Enterprise infrastructure already suffers from identity fragmentation, and this challenge will only intensify as AI adoption grows,” said Ev Kontsevoy, CEO of Teleport.  “Each new technology requires a different tool to manage access. Adding AI-specific tools that treat AI identities separately from human and machine identities will only create more blind spots for malicious actors to exploit.” Engineering and security teams Kontsevoy added, “We believe being named an IDC Innovator validates what we are doing at Teleport. Changing the way enterprises secure their identities by treating them all equally is making the industry more secure. By unifying human, machine, and AI identities into a single layer directly at the infrastructure level, security teams need only one system to manage access across all identity types." Teleport's platform enables engineering and security teams to secure AI with cryptographically-backed identity, short-lived privileges, and audit-grade session recording. Teleport can further pair access and governance guardrails with observability, eliminating teams to identify and eliminate suspicious activity. LLM and AI interactions “Model Context Protocol is rapidly becoming the standard for connecting AI agents with the tools and data they need, but it was never designed with security in mind,” said Frank Dickson, Group Vice President, Security & Trust at IDC. “As enterprises adopt MCP to build AI systems, they need a way to ensure interactions between servers and LLMs are traceable and authorized. Teleport solves this need by integrating MCP support into its Infrastructure Identity Platform.” Organizations can secure LLM and AI interactions with their databases, using the same platform that also secures servers, clouds, Kubernetes, Windows desktops, GitHub, and Web applications. This enables organizations to apply the same robust identity and access controls that govern human and machine identities to AI agents.

Commvault, a major provider of cyber resilience and data protection solutions for the hybrid cloud, announced its intent to acquire Satori Cyber Ltd (Satori), a data and AI security company. Enterprises are facing a perfect storm of AI adoption, data growth and sprawl, and regulatory pressures globally. The need to manage these challenges across hybrid and multi-cloud environments is paramount for security, IT, and business pioneers, as well as boards. Control access to sensitive data By acquiring Satori, Commvault will help enterprises further support compliance requirements By acquiring Satori, Commvault will help enterprises further support compliance requirements, mitigate risks, and control access to sensitive data, who has access to it, and how the data is being used, critical in the AI era. It also includes large language model (LLM) monitoring and prompt protection, automated discovery, classification, and access management for structured data. This builds on and complements a robust set of capabilities for discovery, classification, and policy management of unstructured data estates that Commvault provides today. Modern data platform adoption “As enterprises accelerate AI and modern data platform adoption, securing sensitive data across distributed environments grows increasingly complex,” said Rajiv Kottomtharayil, Chief Product Officer, Commvault. He adds, “By integrating Satori’s real-time, agentless controls and deep visibility into structured and AI training data, we’re extending our cyber resilience into the data layer — enabling secure data access, AI governance, and policy enforcement across platforms like Snowflake, Redshift, and Databricks to reduce risk and drive compliant innovation.” Incorporating AI “Rapidly incorporating AI comes with risks,” said Eldad Chai, CEO and Co-Founder, Satori. He adds, “Our next-generation AI capabilities integrated into Commvault’s cyber resilience platform will offer customers a unified approach to securing sensitive data and AI pipelines – from discovery to governance and from access management to cyber recovery.” Oversight of information “This acquisition strengthens Commvault’s capacity to assist enterprises with the growing intricacies of data and AI security. As businesses incorporate more AI-driven processes and their data footprints expand, having comprehensive oversight of information assets becomes vital,” says Frank Dickson, IDC Group VP, Security and Trust. He adds, “Satori Cyber’s multi-cloud data activity monitoring, data discovery, and policy enforcement controls will enhance Commvault’s ability to help clients simplify compliance efforts to mitigate security and privacy risks.” Unique capabilities Satori will bring a host of unique data and AI security capabilities to the Commvault Cloud platform, including:  Purpose-built innovation for the modern data stack and AI era: Cloud-native, agentless, and integration-ready with platforms like Snowflake, Redshift, Databricks, and Microsoft Fabric – making policy enforcement, masking, and access governance simple to deploy at scale. Data security for structured and AI training data: Discover, classify, and protect sensitive data across cloud-native databases, warehouses, and analytics platforms – before it is exposed or misused. AI-aware protection and recovery: Track data flowing into LLMs and AI models, assess risk, and enable compliant recovery using Commvault’s trusted backup and cleanroom workflows. The acquisition is expected to close in August 2025. 

The past decade has seen unprecedented growth in data creation and management. The products and services that consumers use every day – and the systems businesses, large and small, rely on – all revolve around data. The increasing frequency of high-profile data breaches and hacks should be alarming to anyone, and there’s a danger data security could worsen in the coming years. According to DataAge 2025, a report by IDC and Seagate, by 2025, almost 90% of all data created in the global datasphere will require some level of security, but less than half of it will actually be secured. Nuanced Approach To Data Security Security is a circle, not a line. Every actor involved in the handling and processing of data has responsibility for ensuring its securityThe rapid proliferation of embedded systems, IoT, real-time data and AI-powered cognitive systems – as well as new legislation like the European Union’s GDPR – means that data security has to be a priority for businesses like never before. With data used, stored and analyzed at both the hardware and software level, we need a new and more nuanced approach to data security. Security is a circle, not a line. Every actor involved in the handling and processing of data has responsibility for ensuring its security. What this means in practice is renewed focus on areas of hardware and software protection that have previously not been top of mind or received large amounts of investment from businesses, with security at the drive level being a prime example. The Importance Of Data-At-Rest Encryption In a world where data is everywhere, businesses need always-on protection. Data-at-rest encryption helps to ensure that data is secure right down to the storage medium in which it is held in a number of ways. Hardware-level encryption, firmware protection for the hard drive, and instant, secure erasing technology allow devices to be retired with minimal risk of data misuse. Data-at-rest encryption helps to ensure that data is secure right down to the storage medium in which it is held in a number of ways A recent report from Thales Data Threat found that data-at-rest security tools can be a great way to help protect your data. However, it’s important to note that this must be used in conjunction with other security measures to ensure that those that fraudulently gain access to your key management system can’t access your data. Ensuring Drives To Be Common Criteria Compliant One straightforward test any business can do to ensure its storage is as secure as possible is to check whether the drives are Common Criteria compliantDespite the clear benefits, this kind of encryption lags behind other areas, such as network and endpoint security, in terms of the investment it currently receives. The same Thales Data Threat report found that data-at-rest security was receiving some of the lowest levels of spending increases in 2016 (44%), versus a 62% increase for network and a 56% increase for endpoint security. One straightforward test any business can do to ensure its storage is as secure as possible is to check whether the drives are Common Criteria compliant. Common Criteria is an international standard for computer security certification, and drives that meet this standard have a foundational level of protection which users can build on. Providing An Additional Layer Of Security The retail industry has seen a spate of security breaches recently, with several major US brands suffering attacks over the busy Easter weekend this year. As frequent handlers of consumer card information, retailers are particularly vulnerable to attack. Data-at-rest encryption could enhance security in these instances, providing an additional layer of security between customer records and the attacker The advanced threats retailers face can often evade security defences without detection. Such a breach could grant attackers unrestricted access to sensitive information for possibly months – some breaches are known to have been detected only after consumer payment details appeared on the dark web. These types of undetected attacks are highly dangerous for retailers, which are relatively helpless to protect consumer information once their defences have been compromised. Data-at-rest encryption could significantly enhance security in these instances, providing an additional layer of security between customer records and the attacker which has the potential to make the stolen data valueless to cyber criminals. Industries In Need Of Data-At-Rest Encryption Healthcare organizations, which hold highly sensitive customer and patient information, have a strong use case for data-at-rest encryption. With the widespread adoption of electronic patient health records, that data is increasingly more vulnerable to attack. Recent research from the American Medical Association and Accenture revealed that 74% of physicians are concerned over future attacks that may compromise patient records. With the widespread adoption of electronic patient health records, that data is increasingly more vulnerable to attack The financial sector would also benefit from further investment in data-at-rest encryption, given 78% of financial services firms globally are planning on increasing their spending on critical data, according to Thales’ Data Threat Report. It’s helpful to view security as a circle in which every piece of hardware and software handling the data plays its partSMEs and enterprises are not immune to security threats either – with growing numbers of people traveling for work or working remotely, the risk of sensitive business data becoming exposed via device theft is heightened. Usernames and passwords have little use if thieves can simply remove unencrypted hard drives and copy data across. Securing Every Hardware And Software Technology vendors often focus on aspects of hardware and application security that are within their control. This is understandable, but it risks proliferating a siloed approach to data security. There is no single line for data security -- rather, it’s helpful to view it as a circle in which every piece of hardware and software handling the data plays its part. There’s a clear need for more industry dialog and collaboration to ensure data security is effectively deployed and connected throughout the security circle and across the value chain.

To say the surveillance industry has changed over the last quarter of a century is an understatement. From high-definition cameras and TVs to high flying drones and video analytics – the surveillance industry has shifted in ways we never expected to see in such a short space of time. What’s more, with such advancements in both quality and choice that’s now available in the market, it’s no wonder that revenue in the video surveillance market is set to double to $75.64 billion by the end of 2022. Overall, some of the biggest opportunities in the surveillance industry will be through adopting new technological practices, particularly around the Internet of Things (IoT), cloud storage and artificial intelligence (AI) such as machine learning. The main question however is exactly how these trends will shape the surveillance industry of the future? Growing Data Needs In The IoT Era Recently, Seagate and IDC released a whitepaper looking at the future of data and the factors that will contribute to worldwide data exploding to 163ZB by 2025. One of the biggest reasons for the increase in data is the rise of connected devices as a result of the IoT. Specifically, within surveillance we are seeing this occur already, thanks to drones and other wearable security devices becoming connected and coming online. With so many more transactions being created and tracked it’s crucial to think about how the surge in data will be managed. The use and integration of data in businesses and our lives is also quickly moving to the need for real time data Hard Drives Optimized For Surveillance With such complexity in both the data set and its use, it’s imperative that we make sure that we have all the right hardware for the job. In the past, data centers would typically use the largest capacity drives their budget would stretch to, with the knowledge that the drives would be sufficient for its needs. However, as we move to a more complicated data set thanks to the rise of the IoT, we now need to begin to make more of a conscious effort to consider what drive is right for our needs. A prime example is how specialized hard drives have been making their way in to the surveillance market that have been optimized for specific use functions. One such drive is Seagate’s SkyHawk which allows security applications to continuously record video over a 24/7 basis. Unlike other industries, the surveillance market needs drives that have the capacity to run and write data 90% of the time so that businesses are never caught out using unsuitable and unreliable drives which could have serious consequences to personal and business safety. Access To Video In The Cloud   The rise of connected devices is also generating a substantial volume of data. This poses the question of where exactly this data will be stored and conversations are already taking place around access to video in the cloud.  A key driver of the shift to cloud-based, fast-access, and truly mobile data usage is that data has increasingly become a critical influencer for our lives in all aspects There are a couple of benefits to consider when it comes to video surveillance in the cloud. Firstly, the data is stored in a central, shared system so users can access the content quickly and easily from wherever they are. Secondly, it’s possible to update a cloud-based product on an ongoing basis, often in real-time, and once improvements have been made they are immediately visible and available to customers. Emergence Of Hypercritical Data A key driver of the shift to cloud-based, fast-access, and truly mobile data usage is that data has increasingly become a critical influencer for not only our businesses but also our lives in all aspects. Our research with IDC revealed that data usage is changing and it now has to be analyzed by its level of criticality. The emergence of hypercritical data also means that businesses should look to review how they capture data and deliver data analytics. This is because they’ll require an infrastructure that can deliver high reliability and bandwidth as well as increased security. This could be something as simple as making sure they choose the hard drives that offer the ability and resilience to deal with the requests for data analysis. Thanks to AI we’ll see the industry becoming more proactive, rather than reactive Machine Learning And AI For Real-time Analytics The use and integration of data in businesses and our lives is also quickly moving to the need for real time data. As such, data is delivered to not only inform but also determine actions — sometimes autonomously. Consequently, machine learning and AI is causing a huge buzz within video surveillance. And it’s no wonder when the opportunity for our industry is huge. If security guards and emergency services can use the data from AI to make smart predictions, it will help increase preventative and real-time tactics in surveillance, rather than simply being used as a post event, forensic tool. Thanks to AI we’ll see the industry becoming more proactive, rather than reactive, as a result of machine learning being able to predict security and surveillance situations before they happen. Over time, the demand for intelligent video analytics and systems is only going to increase as more and more industries realize the benefits for its application. It’s up to all of us to work with our partners and customers to ensure that they are ready for this change and are advised of the best way to manage and store the data generated to meet their needs.

Widespread use of smartphones and the loT have fuelled explosive demand for connectivity, convenience and control The growing Internet of Things (loT) or intelligent, inter-connected devices are causing a paradigm shift in nearly every technology sector, including the security installing industry. The global IoT market, according to research firm IDC, Framingham, Mass., is predicted to increase from 10.3 million “endpoints” in 2014 to more than 29.5 million in 2020. This article by SourceSecurity.com's dealer/integrator correspondent, Deborah L. O’Mara looks at COPS Monitoring’s focus on helping security companies easily add a wide range of new services and corresponding RMR. Smartphones And loT Connectivity Demand Across the security landscape, this widespread change and adoption of devices and systems riding on the network is causing massive change across the board, from installing companies to central station monitoring firms. Jim McMullen, president and chief operating officer, COPS Monitoring, Williamstown, N.J., says widespread use of smartphones and the loT have fueled explosive demand for connectivity, convenience and control, and the Underwriters Laboratories Listed, Factory Mutual Approved central station provider is delivering the critical services associated with these trends. “Smart hardware for items like lighting, thermostat, locking, and video cameras and useful apps to manage these components are the types of services customers want. Fortunately, many of today’s modern security systems have proven to be a viable platform for a more comprehensive connected home solution. Dealers that understand and embrace these new services can leverage the growing demand by integrating home automation and lifestyle services with security. In many cases, it equates to additional recurring monthly revenue (RMR) and a ‘stickier’ customer.” Geo-Diverse Hometown Central Stations COPS Monitoring operates six strategically located geo-diverse hometown central stations. Five central stations, in New Jersey, Florida, Arizona, Tennessee and Texas, are hot-redundant and load sharing. If local conditions affect one of its locations, it continues to deliver fast and professional service by over-staffing other load-sharing centers. The company’s sixth central station in Maryland will be integrated into its current services in 2015.  "Smart hardware for items like lighting, thermostat, locking, and video cameras and useful apps to manage these components are the types of services customers want, " says Jim McMullen, President & COO COPS Monitoring McMullen says that from the company’s beginning more than 37 years ago, COPS Monitoring’s success has been dependent upon one thing: helping independent alarm dealers succeed.  “Today, we are the largest independently-owned third party monitoring company in the industry, yet our regional approach allows us to maintain a more personable ‘hometown’ level of service,” he says. “With one of the most of experienced management teams in the industry and an in-house staff of programmers, COPS Monitoring not only has clear vision and leadership, but we also have the resources and ability to give our dealers an advantage by quickly adopting the best new technologies as they become available.” New Services And Corresponding RMR COPS Monitoring is fine-focused on helping security companies easily add a wide range of new services and corresponding RMR. “We support essentially all of the modern panels from major manufacturers that give dealers the ability to offer their customers a variety of home control, lifestyle services and security apps,” McMullen says. “In addition to the ability to control their alarm system and other connected devices, consumers can also receive notification about alarm events. We also created our own useful app for dealers to package to end-users as a white-label solution. Unfortunately, today’s security system apps don’t give customers the most important information about what happened during an alarm event - such as who was called, whether a passcode was given, or if the authorities were dispatched. That’s why professional central station monitoring services are so critical, and we wanted the results of our actions to be at the end-users’ fingertips,” he says.  User-Friendly Interface For Customer Satisfaction This solution has been a differentiator for the COPS dealers: the smartphone, tablet and PC access called MPower is branded with the dealer’s logo. The interface is also color-coordinated for a custom look and feel for each dealer. “The additional peace of mind of knowing what happened during an alarm event is why our dealers consider MPower an integral part of protecting RMR.  Its user-friendly interface improves customer satisfaction and ultimately helps to reduce attrition.  What’s more is that MPower can be offered as a standalone service because it works with any panel and transmission format, whether a connected home system is installed or not,” McMullen says. “Our industry is changing at a pace faster than ever before, which means dealers need a central station that can stay ahead of the technology curve and have the ability to quickly support the best emerging technology so they can provide the products and services their customers demand.”