Insight

  • Somewhere around 2015, the security industry adopted a new mantra, “cybersecurity is a boardroom issue.” This statement was supported by lots of independent research, business press articles, webinars, local events, and even sessions at RSA and Black Hat crowing about the burgeoning relationship between CISOs, business executives, and corporate boards.

    At the beginning of last year, I noticed that boardroom buzz about cybersecurity hadn’t really changed over the past 5 years – same old tired rhetoric and hyperbole. Hmm. Certainly, things must have progressed in that 5-year timeframe, right?

  • 2021 Technology Spending Intentions Survey

    Based on a survey of 664 global IT and business professionals at enterprise and midmarket organizations, the 2021 Technology Spending Intentions Survey examines the key business and technology priorities driving 2021 spending plans across a range of technology markets including infrastructure, cloud services, cybersecurity, artificial intelligence (AI), analytics, data protection, mobility, business applications, and more.

  • MSP Partner Landscape 2020

    ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

    This Master Survey Results presentation focuses on 2020 MSP landscape best practices and actions; standout vendor offerings, programs, and support; and differences between small and larger partners.

  • Data Protection Predictions for 2021

    No one could have predicted the COVID-19 pandemic and the profound impact it has had on our lives, our society, the way we now work, how we market our products, and the ripple effects on IT infrastructure and data in general. This once-in-a-lifetime event is placing data protection at the top of many lists, something that our research highlighted in 2020 and, looking ahead to 2021, will directly affect IT strategies against a backdrop of accelerated digital transformation/optimization.


    For more information or to discuss these findings with an analyst, please contact us.
  • Network Security Predictions for 2021

    Enterprise Strategy Group’s John Grady outlines seven network security predictions for 2021, including:

    • Remote work and zero trust access will remain top drivers for SASE through next year.
    • The appliance market evolves to remain relevant.
    • Runtime application security continues to converge.
    • API protection gets its due attention as part of WAAP.

    For more predictions and a look back at how significant 2020 was for network security, download the full brief.


    If you’re interested in learning more or would like to discuss these findings with an analyst, please contact us.
  • Data Protection Trends and Strategies for Containers

    Container adoption is accelerating and so too is the requirement to properly protect container environments and the data in them. ESG research indicates that, so far, IT professionals are kicking the can down the road. While many recognize the growing importance of containers relative to other vital application platforms, confidence levels in organizations’ ability to protect containerized workloads are lagging. As was the case with other recent disruptive shifts in the IT landscape, including the VMware and cloud computing phenomena, newer data protection approaches are needed.

    In order to gain insight into these trends, ESG surveyed 334 IT professionals at organizations in North America (US and Canada) personally responsible for or familiar with their organization’s container-based application environment and strategy, including the associated data protection tools and processes.

  • Trends in IAM: Cloud-driven Identities

    ESG’s Master Survey Results provide the complete output of syndicated research surveys in graphical format. In addition to the data, these documents provide background information on the survey, including respondent profiles at an individual and organizational level. It is important to note that these documents do not contain analysis of the data.

    This Master Survey Results presentation focuses on current identity and access management (IAM) challenges and threats, as well as strategies and buying intentions, including assessing the prioritization of IAM and identity governance and administration (IGA) technologies.

  • Securing Modern Application Development Environments

    DevSecOps has moved security front and center in the world of modern development; however, security and development teams are driven by different metrics, making objective alignment challenging. This is further exacerbated by the fact that most security teams lack an understanding of modern application development practices. The move to microservices-driven architectures and the use of containers and serverless have shifted the dynamics of how developers build, test, and deploy code. As a result, a convergence of application security tools is underway. Organizations are overwhelmed with the amount of and overlap in issues raised from multiple testing tools, complicating prioritization and mitigation, so integrated application security platforms are desired.

    In order to gain insight into these trends, ESG surveyed 378 IT, cybersecurity, and application development professionals at organizations in North America (US and Canada) involved with securing application development tools and processes.

  • SOAPA Interview with ThreatQuotient, Part 2 (Video)

    In continuing my chat with Marc Solomon, CMO of ThreatQuotient, Marc and I discuss:

    1. SOC integration. At its heart, SOAPA is an integrated heterogeneous technology architecture for security operations, so I ask Marc how integration plays into ThreatQ’s strategy. Marc mentions that the platform includes bi-directional integration where ThreatQ consumes and provides data. What type of data? External threat data, enriched data, event data, etc. ThreatQuotient can be used as a SOAPA data broker, acting as the single source of truth for security operations.
    2. ThreatQuotient has some SOAR functionality, so I ask Marc about process automation. Marc says that while SOAR has been out for a while, he still sees most companies automating basic tasks, so there’s a general state of immaturity. Marc is bullish about more process automation in the future, however, and everything starts with the data.
    3. Are we moving toward SOC visualization consolidation? One of the biggest SOC bugaboos is the need to view security through multiple UIs. Personally, I believe that SOC visualization is the next frontier with new tools acting as a standard workbench for multiple activities. Marc agrees but reminds us not to forget about specialization. Yes, there will be more UI consolidation, but there will always be specialized tools, and SOC analysts using these tools will want to work within their UIs. Once again, Marc points to the data. If the data is normalized, consistent, and available, it will be useful regardless of how you view it.
    4. My colleague Dave Gruber and I have done a lot of research in this area while Marc has looked at XDR through the lens of ThreatQ. In Marc’s view, XDR is long overdue to combine the threat detection power of multiple different technologies into a single system. Marc still believes that these analytics will need tools like ThreatQuotient to act as a SOAPA data hub and broker, while XDR takes more control of the analytics layer.
    5. The future of SOAPA. Marc believes SOAPA is the future of security operations as tools like ThreatQ bring in more data sources, opening the SOC to new use cases.

    Thanks again to Marc Solomon and ThreatQuotient for participating in the SOAPA video series. Look for more videos in 2021.

  • Data Protection Considerations for Containers

    ESG conducted a comprehensive online survey of IT professionals from private- and public-sector organizations in North America (United States and Canada) between June 12, 2020 and June 24, 2020. To qualify for this survey, respondents were required to be IT professionals responsible for/familiar with their organization’s container-based application environment strategy.

    This Master Survey Results presentation focuses on understanding the current state of end-users’ application and container deployments, identifying data management gaps, and determining current practices and potential disconnects that may exist when protecting Kubernetes/containers infrastructure at scale.

  • Marc Solomon, CMO of ThreatQuotient, and I had a chance to get together and talk SOAPA recently. In part 1 of our video, Marc gives a brief description of what ThreatQ does and then we proceed to chat about:

    1. What’s the deal with cyber threat intelligence (CTI)? For every SOC manager who tells me that threat intelligence is the foundation of security operations, another says that his or her organization struggles to operationalize threat intelligence. What’s going on here? Marc believes the term “threat intelligence” is somewhat poisoned and meaningless today. The real key is to collect, process, analyze, and act upon the CTI that aligns with your organization’s infrastructure, industry, location, etc., and then integrate it into every aspect of security ops.
    2. Use cases for ThreatQuotient. ThreatQ is lumped into a bucket called threat intelligence platforms (TIPs), but I know the product can do more than just weed through threat feeds. Marc says that 70% of customers use ThreatQ for other use cases like alert triage, incident response, phishing investigations, etc. ThreatQuotient is kind of a Swiss Army knife for SOAPA.
    3. Alert fatigue. I mention to Marc that ESG data points to an overwhelming volume of alerts and ask if this is consistent with what he is seeing. Marc agrees but reminds the audience that security is a big data problem. Therefore, it’s about normalizing and contextualizing the data to make it useful. By doing so, you can improve fidelity, accelerate processes, enhance collaboration, and see real ROI on security investments.
    4. SOC modernization. This term has become yet another piece of industry hyperbole, so I asked Marc what he thinks. To Marc, it all starts with the data, but the data tends to be siloed and in different formats today. Thus, SOC modernization starts with data normalization, integrated defenses, and a focus on enabling the SOC staff. Marc also emphasized the need for more process automation, process maturity, and improved collaboration processes and tools.

    Marc’s an old hand at security, so it was great to kibitz with him about SOAPA. More soon in part 2 of our video.

  • Data warehouse modernization has become an essential move to meet the demands of the modern business. And it is easy to get lost in the hype when it comes to modernizing with a “cloud-first” or “cloud-only” approach. Organizations are drawn to the promise of ultra-simplicity, unlimited scale, improved agility, and ubiquitous accessibility. But some organizations that are on this path are starting to see the tradeoffs they have made. One of those tradeoffs comes with price/performance. Not that modern cloud data warehouses do not perform well, but if you want the low-latency performance to truly support real-time, you will either have to pay for it (especially at scale as more end-users want access to the data) or minimize your ability to truly achieve real-time responsiveness. And it is forcing organizations to rethink their cloud data warehouse strategies. Maybe an on-premises data warehouse does have a place? And so does a cloud data warehouse?

    While several traditional on-premises data warehouses now have cloud services to enable hybrid cloud data warehousing, many still leverage their vintage architectures that were designed around a rigid on-premises pipeline process derived long before the hybrid cloud technologies of today existed. Release after release has resulted in improved capabilities, but at the expense of trading off functionality for added complexity, and with less-than-ideal levels of performance, cost, and agility.

    One of the vendors I have been watching emerge in this modern, hybrid cloud data warehouse space is Yellowbrick. This is a company that natively designed its data warehouse for hybrid cloud, promising the best of both on-prem and cloud data warehousing worlds. Customers get the high performance and concurrency of specialized on-premises systems, while also gaining the agility, scalability, and simplicity of cloud-only solutions. Yellowbrick can be consumed as a service anywhere with the same data and performance everywhere—either on-premises/in a private cloud, through any public cloud, or a combination of both. And here’s the kicker: organizations don’t have to make a trade-off of performance or cost. ESG recently completed an economic study of Yellowbrick Data Warehouse to quantify the low and predictable cost savings through their fixed-cost annual subscription.

    Hybrid cloud data warehousing will be critical going forward. Whether you are an organization looking to move traditional data warehousing workloads to the cloud or a company that started with a cloud data warehouse whose bills are starting to rise as performance demands increase, it may be worth evaluating (or re-evaluating) your options.