Insight

  • Research Objectives

    The potential for serious business disruptions makes detecting threats quickly and accurately critical to preventing data loss, compliance violations, and lost revenue. Even as resources and users leave the traditional perimeter, the network should play a key role in detecting threats to avoid business disruption. Specifically, network-based tools provide consistent, comprehensive visibility across distributed, heterogeneous environments and remain outside the scope of attacker manipulation. Yet the number of threat detection and response tools that are available can leave users unsure of where to prioritize.

    In order to gain insight into these trends, Enterprise Strategy Group surveyed 376 IT, cybersecurity, and networking professionals responsible for evaluating, purchasing, and managing network security products and services for their organizations.

    This study sought to answer the following questions:

    • What challenges do organizations face with threat detection and response today?
    • In which part of the MITRE ATT&CK framework do organizations have the most difficulty detecting and stopping threats?
    • Have organizations ever fallen victim to an attack that used encrypted traffic to avoid detection? How did the attack use encryption?
    • What technologies do organizations believe are most effective for threat detection and response?
    • What are the primary reasons organizations use, or plan to use, network detection and response tools? How do organizations use or plan to use NDR for threat detection?
    • What specific use cases do, or will, organizations support through their use of NDR tools?
    • What attributes are most important to organizations in an NDR solution?
    • What benefits have organizations realized as a result of using NDR?
    • How do organizations weigh, or expect to weigh, artificial intelligence when selecting an NDR tool? For what reasons would organizations leverage artificial intelligence/machine learning capabilities with their NDR solutions?
    • What plans do organizations have to use XDR technology? How do organizations expect to consume NDR as part of their XDR strategy?
    • How do organizations expect their spending on network detection and response technologies, services, and personnel to change over the next 12 to 18 months?

    Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.
  • What Security Teams Want from MDR Providers

    Research Objectives

    The use of managed detection and response services has become a mainstream strategy in modern security programs. But IT organizations shouldn’t be fooled by the name: MDR providers are delivering much more than basic detection and response, helping IT and security leaders accelerate program development and improve security posture. With no end in sight for the cybersecurity skills shortage, MDR services can bring immediate expert resources online, together with proven, best-of-breed processes and tools that can help security teams gain control and set themselves up for future security program success.

    In order to understand these trends, as well as assess the general state of managed detection and response service offerings, Enterprise Strategy Group surveyed 373 cybersecurity professionals personally involved with cybersecurity technology, including products, services, and processes.

  • Web applications are critical resources for companies conducting business with their clients. These companies can’t afford to have these applications unavailable or compromised due to a cyber-attack. As a result, most organizations have made web application security one of their top cybersecurity priorities, and in many cases, the top priority. In doing so, companies are transitioning away from dedicated security tools that are proving to be inadequate in preventing attacks on multiple fronts. Integrated web application and API security protection (WAAP) platforms are fast becoming an attractive option for organizations.


  • The Market Moves Toward WAAP

    Business applications are the lifeblood of enterprises. Protecting them from various forms of attack is first and foremost on the minds of security teams. Dedicated application security tools designed to prevent specific types of attacks are proving inadequate and contributing to tool sprawl. As a result, the security market is moving toward integrated web application and API protection (WAAP) platforms that combine four critical types of protection: WAF, DDoS mitigation, bot management, and API security.


  • SOC Modernization Priorities

    In the face of an increasingly complex threat landscape and acute shortage of cybersecurity professionals, security teams spend a large portion of their time on emergency issues instead of on continuous improvement of security strategy. Organizations are taking steps to bolster operations with the use of advanced analytics, a wider application of the MITRE ATT&CK framework, and increased utilization of managed security services. Security professionals also report that their organizations still need more investment in personnel, technology, and services. The upshot: Security spending will continue to increase in 2023, regardless of economic pressures.


  • Security Operations Managed Services

    The complexity and scope of the threat landscape, coupled with an acute shortage of security skills, is driving organizations of all sizes to increase their reliance on managed security services. The shift will require both parties to sharpen their skills: Security organizations will need to become more adept in contract management and division of labor, while managed security service providers (MSSPs) must scale and customize their offerings.


  • Hybrid and multi-cloud usage in organizations continues to be pervasive as more organizations turn to a cloud-first strategy, but organizations still plan on hosting business apps on-premises for the foreseeable future. Though this trend is larger than just end-user computing and desktop virtualization, it signals the need for flexibility when it comes to delivering workloads to support the digital workspace.


  • UCaaS Platform Requirements of Hyperconnected Enterprises

    Research Objectives

    Determine the extent to which organizations are pursuing a UCaaS solution to help consolidate communication channels and aggregate collaboration applications. Understand the common tipping point for stakeholders to consolidate the multiple existing communication and collaboration platforms into a UCaaS solution. Gain insights into what matters most for IT operations, LoB executives, and end-users, as well as what may be slowing down UCaaS investment. Gauge buyer preferences for the capabilities, economics, and business value of a UCaaS solution.


  • Cloud-native Application Trends for 2023

    The 2023 Technology Spending Intentions Survey from Enterprise Strategy Group indicates that organizations focused on rapidly developing and deploying cloud-native applications use DevOps and agile software development methodologies more frequently than others. This implies that being cloud-native is as much about embracing iterative methodologies as it is about the technology. The survey findings also suggest that an organization’s use of cloud-native applications and its level of adoption of agile methodologies can have a substantial impact on its digital transformation journey and maturity.


  • Research Objectives

    Cyber-threat intelligence (CTI) is analyzed information about cyber-threats that helps inform security decision making. Although security professionals recognize the value of cyber-threat intelligence, many organizations still consume it on a superficial basis. Rather than collect, process, analyze, and disseminate cyber-threat intelligence to internal stakeholders, they simply look to cyber-threat intelligence for indicators of compromise (IoCs) like malicious IP addresses, web domains, and files that could be blocked by firewalls, email gateways, and endpoint security tools. Unfortunately, an IoC-based approach to CTI is extremely limited as adversaries can easily change IoCs, thus circumventing security controls, signatures, and blocking rules. Recognizing these limitations, most organizations have established CTI teams to gain a better understanding of the cyber-threats, adversaries, and attacks with the potential to disrupt business operations or steal sensitive data. This is the right decision, but establishing a productive CTI program isn’t easy. CTI program success depends upon a lifecycle approach spanning five phases:

    1. Planning and direction.
    2. CTI collection.
    3. Processing.
    4. Analysis and production.
    5. Dissemination and feedback.

    Mature CTI programs formalize this lifecycle approach, gain a thorough understanding of adversary behavior, and respond with appropriate countermeasures. Immature CTI programs are fraught with waste, overhead, and constant questioning of program results and value. Are organizations establishing mature CTI programs? What are the key success factors? In order to gain insights into these trends, TechTarget’s Enterprise Strategy Group surveyed 380 cybersecurity professionals at organizations in North America (US and Canada) with knowledge of and participation in their organization’s CTI programs.

  • Operationalizing Cyber-threat Intelligence

    Research Objectives

    Determine the current state of cyber-threat intelligence (CTI) programs. Identify the stakeholders using cyber-threat intelligence and for what purposes. Highlight CTI program challenges and strategic plans. Determine the behavior and use cases of mature CTI programs.



  • Celebrating Women in Cybersecurity

    On International Women’s Day, I’m proud to celebrate nearly one year of our Women in Cybersecurity series. We launched the series to connect women in the industry and to spotlight their stories with hopes to increase representation in the field. It’s been a great year of interviews with security experts and leaders, including company founders, CEOs, researchers, and CISOs, sharing their stories, tips, and resources.

    If you haven’t already, I hope you check out the series as every episode is informative and inspiring. My hope was to make the content available in anyone’s preferred format; you can read the blog posts, watch the short videos for highlights, and listen to the full audio recordings of the interviews, and I hope you have as much fun hearing these stories as we had doing these shows! Don’t forget to subscribe so you never miss a show since there is much more to come!

    Here are some of my personal experiences along with key takeaways and highlights from the shows. 
