Executive Summary: ISG Provider Lens™ Cybersecurity - Solutions and Services - U.S. 2022
The individual quadrant reports are available at:
ISG Provider Lens™ Cybersecurity - Solutions and Services - Strategic Security Services - U.S. 2022
ISG Provider Lens™ Cybersecurity - Solutions and Services - Technical Security Services - U.S. 2022
The cybersecurity market in the U.S. witnessed exceptional growth in spending against the backdrop of a multitude of reasons threatening to impact businesses and the economy. The U.S. market is reflective of global trends; the U.S. is recognized for its high maturity in IT and security adoption and as the hub for centralized business decision making for several enterprises. The post-COVID-19 phase witnessed an unprecedented acceleration in digital transformation investments, uptake of remote and hybrid work models, incidents of sophisticated attacks and data leaks across enterprises of all sizes, and the (ongoing) Ukraine-Russia conflict. These reasons, combined with the surge in insider threats, lack of cybersecurity awareness with misguided perceptions and a false sense of complete protection, have created further complexities, necessitating innovative, real-time and advanced security capabilities.
Here are some of the key factors disrupting the market dynamics and creating headlines:
- Identity and access management (IAM) gaining a strong foothold across enterprises, as the starting point for security investments, to stop breaches and data losses
- The accelerated shift to cloud leading to misconfigurations, security gaps, outages and control challenges
- Strong thought leadership, R&D and investments being made on sovereign cloud architectures with trusted security capabilities to meet strict compliance requirements
- Extended managed detection and response (XMDR) solutions experiencing significant growth in the market due to their advanced threat intelligence and remediation capabilities
- IoT growth further accelerating the convergence of IT/OT security, with endpoint solutions gaining significant traction
Enterprises in the U.S. are rethinking their security strategy with investments directed toward advanced and innovative security solutions, including identity management, endpoint protection and advanced data leakage and protection solutions. C-suite executives are seeking cybersecurity provider partners that offer holistic, end-to-end services, with delivery capabilities designed to suit the dynamic and agile needs of their enterprise. Concurrently, the market is undergoing aggressive consolidation, with several acquisitions targeted at improving portfolio attractiveness and competitive strength. In addition, there is intense collaboration among providers and vendors to create a robust ecosystem of partners, addressing specialized industry needs and compliance requirements, and future-proof solutions.
Cybercriminals Commercializing Threats Into a Business Model:
Cyber criminals are relentlessly uncovering vulnerabilities, using sophisticated phishing techniques and attacking with complex ransomware and malware. Comparable to state-sponsored adversaries in funding and structure, hacker groups are also gaining notoriety for executing complex attacks, at scale. The success of these attacks and their ability to exploit the combined intelligence of several threat actors have resulted in the availability of As-a-Service models for ransomware, malware and other exploits. Consequently, not only have the number of attacks and attackers increased, but also the needed skills among adversaries to execute such complex attacks have become less significant. Enterprises in the U.S. are perplexed with ransomware attacks because extortion is now not the only reason – exposing data or other critical vulnerabilities, stealing intellectual property and misleading/misdirection to hide advanced persistent threats are now some of the prevalent motivations.
A Shift to Cyber Resiliency from Cyber Security Technology:
Business leaders and enterprises are beginning to understand that attacks, threats and data losses are to a certain extent inevitable due to the sophistication of attacks, lack of visibility, awareness and human error. There is also an apparent and significant shift in mindset, especially among business leaders of small and midsize enterprises in the U.S. – a realization that attacks and breaches are not restricted to large, financially stable organizations with strong knowledge assets. Such attacks and breaches can happen to any organization and to some extent have already happened in their environment; however, many enterprises have no visibility into the extent and root cause.
Cyber resiliency is gaining prominence and mind share — the way forward to institutionalize a flexible and dynamic response together with recovery capabilities to ensure business continuity. While the premise of cyber resiliency is to ensure business and operational continuity with minimal losses and impact, the market lacks a standardized approach or methodology to measure cyber resilience. The cybersecurity market needs to prioritize the design and launch of a framework or reference working model to assess the maturity of cyber resilience across businesses.
Renewed Interest in Frameworks, Security Assessment Certifications and More:
Service providers and vendors are scrambling to invest to gain certifications from NIST, ISO 27001, MITRE ATT&CK, SANS and other institutions. Several vendors such as CyberArk and ForgeRock have gained SOC 2 Type II certifications for their solutions, thereby indicating their commitment to assuring enterprise-grade security, availability, confidentiality and privacy for customer data. A significant portion of the Leaders and other providers ISG evaluated have aligned their cyber strategies to reflect the NIST Framework of Identify, Protect, Detect, Respond & Recover, to create security awareness among enterprises and to reflect these extensive measures and capabilities within their respective portfolios. Maturity assessment models, operations models and capability models utilize these frameworks. These models also necessitate strong human intervention across the framework to effectively secure enterprise assets.
Integrating Human Intelligence with Automation:
U.S. enterprises have realized that investment in advanced security tools and solutions alone will not offer enhanced levels of resilience – cybersecurity specialists are needed to drive these technologies. This realization has helped in creating an integrated process that allows for human-intelligent decisions based on machine-automated analysis. Solutions that support the correlation between intuition, intelligence, analytics and automation, driving synergies between human expertise and machine capabilities, are on the rise. Service providers and vendors have started investing in human-centric solutions, where seasoned cybersecurity specialists work with advanced AI and machine learning to drive real-time threat detection, isolation and response capabilities. Advanced security operations centers are being built with capabilities that integrate machine learning algorithms with human analysis for automated detection of unknown threats from network log files and other data collected across an IT environment.
Lack of Talent Necessitates Investments in Training and Upskilling:
The plethora of products and services available in the cybersecurity sector is in stark contrast to the human resource available to harness their benefits; there is a deep gap between the supply and demand of cybersecurity professionals in the U.S. market. According to industry estimates, the U.S. cybersecurity workforce has more than 1 million workers, with approximately 600,000 positions yet to be filled. Service providers and vendors are also actively investing in training and upskilling initiatives to replenish talent and fill these gaps to ensure a secure business environment. For example, Microsoft has a national campaign with community colleges in the U.S. to help place 250,000 people into the cybersecurity workforce by 2025; Google is training 100,000 people for vital jobs in data privacy and security in the U.S.; IBM has plans to train 150,000 people in cybersecurity skills over the next three years; and several other companies are launching similar initiatives. In this environment, enterprises are increasingly buying tools and solutions ad hoc, resulting in point solutions that are effective for specific threats but do not address holistic security needs. Challenges arising from this situation, such as operational inefficiencies, lack of centralized ownership and inconsistent visibility, can only be solved by specialized human expertise.
Data-Centric Approaches Drive Context- and Content-Aware Threat Detection Solutions:
Cyber analytics is witnessing increased traction to enhance threat hunting and detection capabilities. Through threat and data classification, analytics helps identify unknown and advanced persistent threats. There is an increasing shift to leverage data-centric analytics to identify malicious behavior by users, files, software, endpoints, cloud and web applications. Vendors and providers are relying on innovative approaches to determine the nature of threats within their network, using contextual awareness and content-based approaches to identify malicious behavior. These approaches enable increased visibility, thereby allowing isolation and further remediation.
Notes on quadrant positioning
In this study, several security services and solution providers that offer fairly similar portfolio attractiveness in most quadrants are assessed. This reflects the relative maturity of the market, providers and offerings. It is a given that not all are equal in circumstances. The vertical axis positioning in each quadrant reflects ISG’s analysis of how well the offerings align with the full scope of public sector organizations’ needs. Readers will also note similarities in portfolio axis (vertical axis) positioning with providers included in ISG’s Provider Lens™ U.S. Public Sector Cyber Security Solutions and Services study.