Markets

Our seasoned analysts couple their industry-leading B2B research with in-depth buyer intent data for unparalleled insights about critical technology markets.

Overview

Business Applications

Cybersecurity

Data Management, Analytics & AI

Infrastructure, Cloud & DevOps

Services

Clients trust us across their GTMs—from strategy and product development to competitive insights and content creation—because we deliver high-quality, actionable support.

Overview

Insights

Browse our extensive library of research reports, research-based content, and blogs for actionable data and expert analysis of the latest B2B technology trends, market dynamics, and business opportunities.

Insights
Contact Us

Cybersecurity & Networking

  • The State of Zero Trust Security Strategies

    ·

    John Grady

    This Master Survey Results presentation focuses on understanding the factors influencing zero trust initiatives, how decision makers are prioritizing purchasing decisions, and which specific technologies and products are being deployed to support zero trust strategies.

    ESG conducted a comprehensive online survey of IT and cybersecurity professionals from private- and public-sector organizations in North America (United States and Canada) between December 8, 2020 and December 22, 2020. To qualify for this survey, respondents were required to be cybersecurity or IT/information security professionals responsible for evaluating, purchasing, and managing security technology products and services in support of zero trust security initiatives.

    (more…)

  • The Ransomware Task Force Strives to Meet the Need for Private and Public Sector Collaboration

    ·

    Doug Cahill

    GettyImages-864655374Effectively addressing national emergencies and times of crisis has always required private and public sector collaboration. The most recent and obvious example being the development and delivery of COVID-19 vaccines. And like COVID-19, ransomware attacks cross borders, necessitating a coordinated national and international response by government agencies and technology leaders.

    (more…)

  • The Maturation of Cloud-native Security

    ·

    Doug Cahill

    The composition of cloud-native applications is a mix of APIs, containers, VMs, and serverless functions continuously integrated and delivered. Securing these applications, the underlying infrastructure, and the automation platforms that orchestrate their deployment necessitates revisiting threat models, gaining organizational alignment, and leveraging purposeful controls. Additionally, as security and DevOps continue to converge, cloud security controls are being consolidated. Project teams are evolving from a siloed approach to a unified strategy to securing cloud-native applications and platforms. In parallel, vendors are consolidating cloud security posture management (CSPM), cloud workload protection (CWP), container security, and more into integrated cloud security suites, impacting buyer personas and vendor sales motions.

    In order to gain insight into these trends, ESG surveyed 383 IT and cybersecurity professionals at organizations in North America (US and Canada) personally responsible for evaluating or purchasing cloud security technology products and services.

    (more…)

  • Re-emphasizing Data Security as Part of a Zero Trust Approach

    ·

    Enterprise Strategy Group

    Zero trust remains a broad initiative with a wide array of use cases, supporting technologies, and starting points. While it may seem that focus has shifted away from data security in recent years, many organizations consider it a critical component of their zero trust strategy. To address zero trust requirements, data classification and security solutions must support deployment flexibility, risk assessment, automation, and integrations with other solutions.

    (more…)

  • 5 Things CISOs Want to Hear About Zero Trust (ZT) at the RSA Conference

    ·

    Jon Oltsik

    GettyImages-1276687348April showers bring May flowers, and this year’s RSA Conference. Usually there’s one topic at RSA that everyone is talking about but this year there will likely be 3: secure access service edge (SASE), eXtended detection and response (XDR), and zero trust. In my last blog, I described 8 things security executives want to hear about XDR. This one focuses on zero trust.

    (more…)

  • The State of Zero-trust Security Strategies

    ·

    John Grady

    Zero-trust approaches are arguably more relevant than ever due to the increasingly distributed nature of the modern enterprise, which has only been accelerated by the shift to work-from-home models. Yet for many organizations, confusion remains as to exactly what a zero-trust initiative should entail, where to begin, and how best to overcome the organizational obstacles that result from such a cross-functional undertaking.

    Download Now
    For more information or to discuss these findings with an analyst, please contact us.

  • Streamlining Network Operations: Forecast Calls for Clouds

    ·

    Bob Laliberte

    ESG recently completed its annual technology spending intentions survey of 664 senior IT decision makers at midmarket (i.e., 100 to 999 employees) and enterprise (i.e., 1,000 or more employees) organizations across North America and Western Europe. As part of that research, respondents with purchasing influence or authority for networking products and services were asked about their organization’s networking spending plans over the next 12 months, and the results were published in the ESG brief, Network Spending Trends for 2021 (only available to ESG clients).

    (more…)

  • Network Spending Trends for 2021

    ·

    Bob Laliberte

    Coming off an unprecedented year, the majority of organizations are increasing their IT budgets. While slightly more than one-third of these organizations will increase their network spending in 2021, the majority expect to hold steady compared to last year’s investment levels. This year, organizations also state that they are looking to take advantage of cloud-based network management solutions to drive optimization. The research further demonstrates how organizations with mature digital transformation efforts differ from their counterparts with less mature environments.

    Download Now
    If you’re interested in learning more or would like to discuss these findings with an analyst, please contact us.

  • 8 Things CISOs Want to Hear From XDR Vendors

    ·

    Jon Oltsik

    digital_shieldNow that we are within a month of the RSA conference, the security diaspora must prepare itself for a cacophony of hyperbole around three industry initiatives: Secure Access Service Edge (SASE), eXtended Detection and Response (XDR), and zero trust.

    Yup, all three areas are innovative and extremely promising, but a bit overwhelming as well. Look for more from me on SASE and zero trust in the coming weeks. For now, we’ll focus on XDR. (more…)

  • Collaboration Remains a Key to Zero-trust Success

    ·

    John Grady

    GettyImages-1055846650We all understand that zero trust is a complex initiative. There’s a wide array of use cases, supporting technologies, starting points, and strategy options. On the bright side, one of the keys to succeeding with zero trust remains something companies arguably have the most control over – collaboration across the organization. The less encouraging news? These cross-functional relationships could be better.

    Recent Enterprise Strategy Group research has found that many organizations have paused or abandoned a zero-trust project at some point in the past. This includes those who are currently engaged in successful projects. The single biggest reason given was organizational issues in implementing the initiative, which was cited by half of respondents.

    Among all of the organizations ESG surveyed (including those who had not paused or abandoned projects, some of the specific collaborative issues faced with regards to zero trust include:

    • Communications issues related to collaborative tasks (32%). Simply opening the lines of communication across often siloed teams within and outside of the IT organization remains a challenge. Having executives buy in and craft an overarching strategy is something we often discuss. But without the day-to-day operational collaboration required to ensure that the entire business is moving in the same direction, zero trust becomes an uphill battle.
    • Security teams slow to incorporate feedback (32%). There is still an “us versus them” dynamic at play to an extent as well. Non-security practitioners may feel that the security organization slows them down and ignores their concerns. Often times the reality is that security teams are redlined with keeping the wheels on, and zero trust can be described as changing the tires while the car is still moving.
    • Lack of clarity about areas of responsibility (29%). Again, the executive role looms large here. Without specificity as to which teams are responsible for what parts of the process, the strategy can break down.
    • Non-security teams move too quickly (29%). This is the other side of the “us versus them” coin, where security teams believe their non-security counterparts do not properly weigh cyber considerations and move on a whim. Again, the reality is often more complicated, and this can be at least partially attributed to….
    • Different groups measured and compensated on conflicting goals (29%). Non-security teams are likely to be more directly responsible for business outcomes than their security counterparts. This is certainly starting to shift but remains early days. When the KPIs and goals these teams are judged on vary, priorities can deviate.

    With these challenges in mind, what are organizations planning to do about it? First, the most common action organizations plan to take over the next 12-18 months to implement or optimize zero-trust strategies is improve collaboration across security operations, IT operations, and the lines of business, cited by nearly half (46%) of respondents. This held true even among those organizations who are further down the path of zero-trust adoption and rate themselves as successful in the implementation. In other words, even those who are seeing zero-trust benefits realize collaboration is critical to success, and there is always room for improvement.

    Second, there is momentum towards formalizing these cross-functional working groups through zero-trust centers of excellence (CoE). While still very early, and only formally implemented by a handful of organizations to date, many are actively working towards a CoE, or have plans or interest in implanting one. We’ve seen this model work before with regards to cloud, and the broad applicability across different teams certainly rings true for zero trust as it did with cloud adoption.

    Regardless of where organizations are on the zero-trust journey, the focus should be on collaboration. We’re seeing similar trends with regards to SASE, application security, risk management, and other areas. Before getting bogged down in the technology weeds, planning for how the teams involved will successfully work together should be the focus.

  • The State of Zero-trust Security Strategies

    ·

    John Grady

    Zero-trust approaches are arguably more relevant than ever due to the increasingly distributed nature of the modern enterprise. Whether implementing least-privilege tenets for user access or securing the connections to and between the disparate aspects of today’s hybrid multi-cloud deployments, zero trust can provide a framework to secure even the most complex environments. The sudden shift to work-from-home models has only highlighted the importance of a zero-trust approach. Yet for many organizations, confusion remains as to exactly what a zero-trust initiative should entail, where to begin, and how best to overcome the organizational obstacles that result from such a cross-functional undertaking.

    In order to gain insight into these trends, ESG surveyed 421 IT and cybersecurity professionals at organizations in North America (US and Canada) personally responsible for driving zero-trust security strategies and evaluating, purchasing, and managing security technology products and services in support of these initiatives.

    (more…)

  • Organizations Can’t Keep Up with Security Hygiene and Posture Management

    ·

    Jon Oltsik

    GettyImages-514410109As the old security adage goes, “A well-managed network/system is a secure network/system, and this notion of network and system management is a cybersecurity foundation. Pick any framework (i.e., NIST Cybersecurity framework), international standard (i.e., ISO 27000), best practice (i.e., CIS 20 Critical Controls) or professional certification (i.e. CISSP), and much of the guidelines presented will be about security hygiene and posture management.

    (more…)