
It’s more important than ever to accurately assess underappreciated risk and threat vectors and to identify effective and efficient ways to address them.
Our latest research shows the average number of planned investments in Cybersecurity technology tops all other tech categories we studied.
We work closely with vendors and end users alike to stay up to date on how organizations are investing, what problems they’re trying to solve, and how the market is changing or adapting to the latest trends. Enterprise Strategy Group’s Cybersecurity analysts and research cover every aspect of an organization’s cybersecurity needs and lifecycle, including:
- Application security
- Cloud security
- Cyber risk management
- Data security
- Identity & access management
- Network security
- Security operations
- Threat detection & response
- User protection
Research Report
Security Hygiene and Posture Management Remains Decentralized and Complex
Security hygiene and posture management has become increasingly difficult because of factors like a growing attack surface, the increased use of cloud computing, and the need to support a remote workforce. These factors can create security vulnerabilities that lead directly to cyber-attacks.
Analysts Covering Cybersecurity

Doug Cahill
Senior Vice President, Analyst Services and Practices Director

John Grady
Principal Analyst
Areas of Expertise
- Bot Mitigation
- CASB
- DDoS
- Firewall
- IPS
- Microsegmentation

Dave Gruber
Principal Analyst
Areas of Expertise
- Attack Surface Management (ASM)
- Data Leakage Prevention
- DevSecOps
- Email Security
- Endpoint Security
- Extended Detection & Response

Melinda Marks
Practice Director
Areas of Expertise
- API Security
- Application Security
- Cloud Security Posture Management
- Cloud Workload Protection Platforms
- Cloud-native Technologies
- Container Security

Brian McKenna
Regional Director, Analyst Services, EMEA
Areas of Expertise
- Business & Technology Strategy
- Business Applications
- Business Intelligence
- Cybersecurity
- Data Analytics & AI
- Data Management

Jon Oltsik
Distinguished Analyst & ESG Fellow
Areas of Expertise
- Attack Surface Management (ASM)
- CISO/Enterprise Cybersecurity Programs
- Cyber Risk Management
- Deception Technology
- Managed Security Services
- Penetration Testing/Red Teaming/Automated Testing (i.e., breach and attack simulation (BAS), continuous automated red teaming (CART), etc.)

Jack Poller
Senior Analyst
Areas of Expertise
- Confidential Computing
- Data Loss Prevention
- Data Privacy
- Data Security Platforms
- Data Security Posture Management
- Encryption & Key Management

Aaron Tan
Regional Director, Analyst Services, APAC
Areas of Expertise
- Application Modernization & DevOps
- Business Applications
- Cloud Computing
- Cybersecurity
- DevOps
- IaaS/Cloud
Recent Cybersecurity Insights
Infographic | December 4, 2023
Security Services Edge (SSE) Leads the Way to SASE
Blog | November 30, 2023
Data Protection and Security: A Marriage of Necessity?
Research Report | November 30, 2023
Security Services Edge (SSE) Leads the Way to SASE
Research Report | November 30, 2023