Cybersecurity & Networking

  • CiscoLive is Back!

    CiscoLive returned to being an in-person event this year and customers responded positively, with 16 thousand showing up to the Mandalay Bay Resort to partake in keynotes, sessions, training, and festivities.

    It was great to be in person and able to interact with members of the Cisco executive, technical, and analyst teams, as well as meet with their customers. It also provided me with an opportunity to connect with fellow ESG analysts Rob Strechay and Paul Nashawaty, who were also attending the event.

    There were a number of significant networking announcements made during the event, so I will try to encapsulate them in this blog and provide my insights. They included:

    • The Merakification of Catalyst switches – Part One. With Todd Nightingale in charge of enterprise networking, we are now seeing the introduction of cloud-based management for Catalyst switches (and eventually APs) leveraging the Meraki cloud-based management solution – hands down recognized as the pioneer in cloud-based network management and well known for its operational simplicity. Now, before Catalyst users leveraging DNA Center get too concerned, this is not a forced transition to cloud-based management. Rather, organizations should be thinking about this as an augmentation – the ability to leverage unified cloud-based monitoring of Meraki and Catalyst environments – which is especially helpful to those with highly distributed environments and those with hybrid environments consisting of Catalyst switches with Meraki APs. Even when using this “monitoring” mode, organizations can still use DNA Center to manage the Catalyst environment. Over time, this cloud-based capability will include the ability to manage Catalyst environments leveraging a simplified interface. Given that ESG research highlights that 40% currently have unified wired and wireless network management and another 48% plan to unify, the cloud-based offering is very timely.
    • Nexus will also offer cloud-based management and new switches. Using the Intersight platform, data center networking teams now have the option to leverage a cloud-based management solution for their data center networking environments. Again, this is about providing choice and management options for data center networking environments. Cisco also rolled out a new family of 400G switches to accommodate the steady growth of data. All switches are 800G-ready to ensure investment protection.
    • ThousandEyes integration continues with “Predictive Networking” – a great example of how organizations can leverage cloud-based intelligence to deliver better experiences. Essentially, ThousandEyes will analyze the network traffic and provide recommendations to improve performance and experience. Even more important, this technology is completely network-operator-driven, as the solution will demonstrate how much better the experience could be by allowing the operator the options to select a different route and then simply push a button to accept the recommendation and make the change. While this is fairly impressive on its own, the more intriguing part of this announcement was the comment that this intelligence engine could be ported to other areas of the network. Given that ThousandEyes is already connected to much of the Cisco portfolio, this technology could provide additional operational efficiencies for an organization’s end-to-end network environment.

    All of these cloud-based announcements are important, as they serve as a key enabler for greater levels of intelligence (AI/ML) and automation. Given that Cisco has such a massive installed base, the ability to anonymously collect and process all that data in the cloud will drive enormous operational efficiencies and deliver enhanced experiences for organizations. But Cisco customers need to embrace the cloud! I am looking forward to hearing about adoption rates and expect that those campus and branch environments will be more willing to shift – so many are already Meraki customers. I expect that change will be harder for those in the data center, but the transition needs to occur – these networking environments are becoming far too complicated to manage manually. Organizations need to embrace the intelligence that is enabled by cloud-based management. This doesn’t mean you have to switch everything over immediately, but you need to start using the technology to become comfortable with it. I think of this as the “time to comfort” with these advanced technologies – you need to trust that it will do what you would have done, and witness this repeatedly, before you make any advanced intelligence technology live in your environment. It will be critical to have a feedback loop between the network operators and the vendors to ensure algorithms are as efficient as possible.

    Other notable announcements included Cisco+ Secure Connect, a secure access service edge (SASE) offering that can be consumed as a service, leveraging Cisco SD-WAN and security capabilities to protect highly distributed environments. Zero trust for hybrid work was also discussed. For those who are not aware, Cisco has comprehensive security offerings, so zero trust isn’t a product SKU but rather a framework from which organizations can leverage Cisco security solutions to enable zero trust for hybrid work.

    We were able to participate in a number of roundtable discussions and engage in one-on-one meetings as well. I had a great conversation with Matt MacPherson on the future of wireless, discussing Wi-Fi 6/6E/7 and 5G. It was also great to meet with Lawrence Huang to discuss cloud-based network management.

    Wrapping up, Cisco took a big step forward by expanding its use of cloud-based network management. It is a good first step and I look forward to tracking their progress by both adoption and capabilities. In particular, it would be great to get a holistic vision on the Cisco cloud strategy and how the Nexus cloud will integrate with the Meraki/Catalyst cloud as well as Viptela and ThousandEyes. Cisco has stated that this will be a journey and, given the size of the Cisco portfolio and installed base, it is completely understandable that this journey will take some time.

  • ESG/ISSA Research at RSA Conference 2022

    Last week’s RSA Conference was an orgy of security innovation and industry hyperbole. While this will only make things more confusing for security professionals, they seem to be moving ahead with strategies for security technology consolidation, integration, and a migration to multi-product security platforms.

  • Live Events are Back! ExtremeConnect 22

    This week I flew to Nashville, TN to participate in the ExtremeConnect 22 customer event. Despite Covid flare-ups here and there, this event was very well attended – in fact it was sold out.

    This was my second in-person event of 2022 and it is great to be back, as everyone gets so much more out of these events when together, and not just the ability to attend keynotes to feel the energy in the room, but the ability to attend training sessions, the opportunity for impromptu hallway meetings, getting access to executives and engineering talent, and the ability to interact socially with your peers.

  • ESG/ISSA Cybersecurity Process and Technology Survey

    ESG conducted a comprehensive online survey of IT professionals from private- and public-sector organizations in North America (United States and Canada), Western Europe, Central/South America, Africa, Asia, and Australia between December 20, 2021 and December 31, 2021. To qualify for this survey, respondents were required to be information security managers, chief information officers, IT senior executives, IT managers/directors, or general IT staff responsible for information security and other comparable titles.

    This Complete Survey Results presentation focuses on cybersecurity technology purchase trends, including the current threat landscape’s impact on strategies and subsequent buying decisions, efforts to consolidate vendors and products, the appetite for cybersecurity platforms, and cybersecurity process integration with DevOps practices.

  • Forgive me for the blatant cheesiness of the title, but in this case, using the term hacking is sort of relevant…bear with me…

    No doubt that working in cybersecurity is really THE thing to do right now. The opportunities seem endless. But exactly what paths can you pursue when entering a field that is constantly evolving?

    I had the opportunity to discuss one path with Gisela Hinojosa, a pentester at Cobalt. For those not in the know – like me – I thought…huh? Pentesting? Perhaps a simple, albeit naïve, way of understanding what pentesting (or penetration testing) is could be hacking. As a pentester, you attempt to expose potential security vulnerabilities. Basically, you are hacking for legitimate reasons.

    As you will hear during our conversation, Gisela worked in software testing before she uncovered this specific path. As she was exploring different options, her husband asked what she always wanted to do. She replied that she wanted to hack, but who would pay her to do that? Turns out that companies do to bolster their security posture before any bad actors have the chance.

    What exactly does it take to find a pentesting position? Watch this video and find out what worked for Gisela.

    Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Gisela, view past episodes, and join us to hear more inspiring stories in future shows.

  • Women in Cybersecurity: Brittany Greenfield

    This episode of Women in Cybersecurity showcases Brittany Greenfield, the founder and CEO of Wabbi. While Brittany started her career with a degree in biotechnology, working in business process and marketing roles, she turned her focus to cybersecurity, knowing how critical it is in the fabric of technology. Today she leads a company integrating security into software development. Check out our video below.

    Growing up in Washington D.C., Brittany had an impression of cybersecurity as how agencies protected the country against foreign enemies. She went to Duke University, earning a self-designed interdisciplinary degree in biotechnology, spanning economics, entrepreneurship, public policy, and medical sciences. From there, she spent the first part of her career in the ERP space, and later earned an MBA from MIT Sloan School of Management.

    She turned to cybersecurity when she took a role at Cisco helping them build their Internet of Things (IoT) platform. 

    You can’t talk IoT and not talk cyber. I realized cyber is such a fundamental piece of the digital fabric that powers our lives today, I need to get into it. 

    She got into the endpoint space, and became frustrated that too many solutions focused on perimeter security, when she felt that the problems need to be solved within. From there, she decided to found Wabbi to help developers efficiently incorporate security into their processes, getting the right security information to developers at the right time.

    Tune in to the video, and don’t miss the full podcast, as we discuss key issues, including why women make good leaders. Also, since Wabbi is in my coverage area of cloud and application security, we discuss some of the challenges for organizations trying to scale their security programs with the speed of modern software development. 

    Learn more about her company Wabbi, and if you’re heading to RSA next week, visit their booth and get a demo! You can also follow her on Twitter.

    Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Brittany, view past episodes, and join us to hear more inspiring stories in future shows.

  • Securing the Identity Perimeter with Defense in Depth

    ESG conducted a comprehensive online survey of IT and cybersecurity professionals from private- and public-sector organizations in North America (United States and Canada) between December 14, 2021 and December 28, 2021. To qualify for this survey, respondents were required to be IT and cybersecurity professionals focusing on identity and access management programs, projects, processes, solutions/platforms, and services.

    This Complete Survey Results presentation focuses on how organizations are currently monitoring and protecting identities in terms of the breadth of identity products, platforms, and technologies supporting current business operations, as well as how that is expected to evolve over time.

  • Network Spending Trends in 2022

    Enterprise Strategy Group’s annual technology spending intentions report for 2022 surveyed 706 senior IT decision-makers at midmarket (i.e., 100 to 999 employees) and enterprise (i.e., 1,000 or more employees) organizations across North America, Western Europe and Asia Pacific. From an overall perspective, the good news is that 62% of organizations plan to increase overall IT spending. As part of that research, respondents with purchasing influence or authority for networking products and services were asked about their organization’s spending plans in this area over the next 12 months. The data indicates that 52% are expected to maintain the prior year’s budget levels and 43% will increase spending. Only 5% will shrink their networking budget.

    Given that modern IT environments are highly distributed and complex, ESG also asked respondents to identify the areas where their organization would make the most significant investments in its network infrastructure over the next 12 to 18 months.

    More than one-third (38%) of organizations will provide additional training to their networking staff on modern IT operations best practices; 36% will deploy cloud-based network management solutions; and 35% will deploy AI/ML for network self-healing and optimization capabilities. The responses largely confirm the demand for technologies highlighted in a 2021 ESG research report on network modernization.

    As organizations modernize their IT and application environments, they recognize that doing so requires training network staff to ensure the network can support these new IT operations and best practices. The faster growth of closely related IT priorities — many driven by post-COVID-19 hybrid work environments — including cybersecurity and distributing applications to the cloud or edge, suggests that network infrastructure will continue to play a vital role in enabling these environments.  

  • The core tenet of a zero trust strategy is least-privilege access. Yet, organizations continue to rely on user and machine identities that are susceptible to compromise, abuse/misuse, and theft. Risk is compounded by over-permissive, static access rights that provide little to no visibility into who and what is using access and how. Less clear still is how identities are being, or should be, monitored and protected. Availability of modern, cloud-managed identity services is widespread. Yet organizations have been slow to pivot their security programs from traditional endpoint, network, and SecOps to an approach that focuses on identity orchestration and experiences, which is dynamic and distributed. Where there are no perimeters, a multitude of identity verification services and managed identity services exist.

    In order to gain insights into these trends, ESG surveyed 488 IT and cybersecurity professionals personally responsible for identity and access management programs, projects, processes, solutions/platforms, and services at large midmarket (500 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada).

  • My colleague Rob Strechay completed research on the challenges organizations face as their applications become more distributed across clouds. In this video, we discuss some of his findings, including how developers are spending their time, and in particular the time they spend remediating security issues. This is interesting to me because we’ve been talking about developer workflows and whether developers can take on some security processes. Developers want to focus on building software, but they care about quality and reliability, and they don’t want to waste time doing rework. Check out the video to hear us discuss the opportunity for security solutions to help.

    Watch the video below, and be sure to check out the new research: Distributed Cloud Series: Observability Trends

  • Women in Cybersecurity: Sharon Goldberg

    This week I’m pleased to share my interview with Sharon Goldberg, the cofounder and CEO of BastionZero. She is also a computer science professor at Boston University. Check out our video below.

    After graduating with a degree in electrical engineering from the University of Toronto, Sharon started her career as a telecom engineer at a power company building communications systems for its different power stations. After a few months, she was bored so she applied and got accepted to grad school at Princeton University, where she joined a team using lasers to encrypt communications. She took a course in cryptography and got hooked, moving more into computer science and internet security, earning her PhD in applied cryptography and network security.

    At the end of her PhD, she says she took the typical route of becoming a professor. Once she had tenure, she had more freedom to work on what she wanted, and realized she wanted to build something that people could use, instead of just doing the research and publishing a paper, and moving on to other research.

    So she started BastionZero to help organizations better manage remote access. It’s built around the concept of cryptography, and it was something she worked on along with her cofounder, Ethan Heilman, for the past decade. 

    “There’s an opportunity to change the way the market actually does remote access…to not have a single route of trust that controls the access but to have multiple routes of trust that control the access…So if there is a compromise, the security of your system doesn’t fall apart.”

    While leading her company, Sharon continues to teach cybersecurity. “When you teach, you can’t just stand there and teach stale stuff. When you teach, you teach on a broad set of topics…When you talk to students and see how they are absorbing the material, it’s an incredible privilege.”

    She says she’s seen progress with women in tech and cybersecurity. She recalls how when she started out, in the early 2000s, women in tech had to prove themselves and were often underestimated. “You always sort of assumed that no one was going to take you seriously and you were just going to show them…a lot of women who got through that era had that kind of attitude. I’ll just show you, you’re underestimating me. Then you go off and do something really hard…I think women who are starting out now are more surprised when they aren’t taken seriously, which is progress.”

    Her advice: if someone underestimates you, don’t take it seriously, it’s their problem. Build a strong network and support system; find people who you click with and who understand your problem area to help you deal with any issues with fear or inadequacy when you start something new. 

    She also says things happen fast in this industry. She uses social media as a tool to connect with people and learn from how much information is shared in the cybersecurity community.

    Check out Sharon’s company BastionZero to learn more. If you’re heading to RSA in a few weeks, you can root for her in the Innovation Sandbox competition where BastionZero is a finalist! You can also follow her on Twitter.

    Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Sharon, view past episodes, and join us to hear more inspiring stories in future shows.

  • Women in Cybersecurity: Caroline Wong

    This week’s featured guest in our Women in Cybersecurity video series is Caroline Wong. Caroline is a book author who is active in the security community, sharing her experiences and learnings from her cybersecurity leadership roles at companies such as eBay and Zynga. She is the Chief Strategy Officer at Cobalt, a company that gives clients access to pen testers through their Pen Testing as a Service (PtaaS) platform. In her interview with ESG Sr. Analyst Melinda Marks, Caroline shares her experiences in her career in cybersecurity, as well as her advice around team culture and diversity in the workplace.

    Throughout her career journey, which started with an internship in IT project management for the security engineering team at eBay, Caroline explored roles across different business functions, such as engineering, product management, and management consulting, giving her a broad perspective. In her current role as Chief Strategy Officer at Cobalt, she oversees the security, IT, HR, and talent acquisition teams and plans for the future of the company.

    Caroline approaches work with a “get things done” mentality and an eagerness to work with people who she likes and respects and who like and respect her. “The thing about security is that it is a team effort…the only way to get actually good security is to involve a lot of people,” says Caroline. She believes that building diverse teams will bring us closer to solving the challenges we face today in security.

    In this interview, Caroline also talks about overcoming toxic work environments, work-life and family balance, resilience, and trusting our future selves to overcome these challenges. She believes, “When folks are valued and accepted, they’re going to do better work. I think that’s a natural outcome.” She enjoys working in a team in which she can bring her whole self to the table and be valued for it.

    Caroline shares her expertise with others through LinkedIn Learning courses, a feature on CBS, as well as her books: one on security metrics that she dedicated to her original mentor at eBay and one on PtaaS. She notes, “It’s a passion area for me to take concepts that historically have been explained in complicated ways and just try to make them accessible.”

    You can find her resources here:

    The PtaaS Book

    LinkedIn Learning

    Please visit Enterprise Strategy Group’s Women in Cybersecurity page, where you can also find a link to the full audio interview with Caroline, view past episodes, and join us to hear more inspiring stories in future shows!