Peter Shoard

The exposure to a range of new cyberthreats is a growing issue for organizations. Security and risk management leaders should use this Strategic Roadmap to pivot from traditional technology vulnerability management to a broader, more dynamic continuous threat and exposure...

Choosing the right security operations center model for an organization is not just a matter of hiring a team or a service provider. Security and risk management leaders must carefully consider operational responsibility and understand the risks, before probably choosing...

Enterprises fail to reduce their patchable and unpatchable exposures to threats, yet keep implementing siloed and narrow remediation processes. IT leaders must implement continuous and repeatable exposure management processes, optimizing short-term response and...

Organizations struggle to obtain visibility of where IT operates, awareness of exposures, and the ability to detect and respond to threats. These cool vendors focus on innovative ways to support a SOC through the use of automation and innovative approaches.

MITRE ATT&CK provides a useful security framework for categorizing and classifying adversarial tactics and techniques, as well as for identifying gaps in coverage. However, security and risk management leaders struggle to use it to its greatest effect — actionable SOC...

SRM leaders looking to establish or evolve a security operations center must choose between insourcing, outsourcing or a hybrid approach. It’s a challenging decision for even the most security-mature organizations. This research offers guidance in choosing one of three...

Security technology consolidation trends have impacted the stand-alone SOAR market, which continues to become a feature of other security technologies. Security and risk management leaders should use this guide to evaluate if a stand-alone SOAR solution is right for their.

It is critical to ask questions that reflect key business requirements when engaging a managed detection and response service provider. Security and risk management leaders should use this research when evaluating and procuring MDR services.

Organizations face an infinite number of potential threats as they pursue digital transformations and criminals evolve their attack techniques. Security and risk management leaders must refine their strategy to identify and better adapt to the most important trends across...

MDR services provide customers with remotely delivered, human-led, turnkey, modern SOC functions; ultimately delivering threat disruption and containment. Security and risk management leaders should use this research to identify MDR services that meet their...

Security operations is a crucial component of an effective security program. This initiative will help security and risk management leaders increase cyber resilience through effective threat and exposure visibility, response planning and risk prioritization for the...

AT&T is focusing on fiber and mobility core assets to maximize growth, while planning investments to improve CX, and its network services portfolio for improved buyer experience and offer alignment. SPVM leaders can use this research to ensure that the vendor’s focus...

Threat exposure management is a nascent initiative combining attackers’ and defenders’ views to minimize enterprises’ exposure to present and future threats. Gartner predicts that threat exposure management will enable security and risk management leaders to build...

SIEM solutions are a security system of record with threat detection, investigation and response capabilities, often demanded as SaaS or cloud-native. Security and risk management leaders who require SIEM solutions should evaluate critical capabilities in their selection...

Effective threat detection, investigation and response is not simply about buying and implementing security technology. This research will help SRM leaders understand how risk applies to their critical assets and how the impact of a cyber event might affect the organization.

Security and risk management leaders continue to need a security system of record with comprehensive threat detection, investigation and response capabilities. SIEM is evolving into a security platform with multiple features and deployment models. This research will help...

Enterprises fail at reducing their exposure to threats through self-assessment of risks because of unrealistic, siloed and tool-centric approaches. Security and risk management leaders must initiate and mature a continuous threat exposure management program to stay ahead...

Security and risk management leaders are interested in the enhanced and adaptive capabilities of cybersecurity mesh architecture, but unsure how to start creating one. The initial steps outlined in this research will enable them to begin reaping the rewards of CSMA in the...

Fixed and inflexible service criteria at the beginning of a managed security service contract may fail to meet business risk requirements long-term. Midsize enterprise CIOs must identify behaviors indicating a need to change the MSS provider, and perform critical...

Organizations commonly recognize a need for a threat detection and response capability but struggle to identify the best way to create and consume such a capability. Gartner presents a simple framework to help you identify which of the three main SOC approaches is right...

Information security teams are responsible for identifying and managing an attack surface across internal and external digital assets. Security and risk management leaders aware of their attack surface can improve their risk posture by prioritizing security hygiene and...

MSS has become a broad term to describe an overlay for a variety of different security services. The market has diverged and SRM leaders rarely ask directly for MSS, but instead focus on detection and response, exposure, incident response and security technology management.

The endlessly expanding digital footprint of modern organizations is driving this year’s top cybersecurity trends. Security and risk management leaders who understand these trends will be better able to address new risks and elevate their standing in their organizations.

MDR services provide remotely-delivered modern security operations center capabilities focused on quickly detecting, investigating and actively mitigating incidents. Security and risk management leaders should use this research to understand the MDR market and its dynamics.

Selecting the appropriate security operation center model is challenging, choosing the wrong SOC model can lead to a poor security posture, increased risk, and overexerted security teams. Security and risk management leaders should use this guide to identify which model aligns to their needs.

Dissatisfaction with security services often results from poorly communicated requirements and misaligned expectations during early engagement stages with providers. Security and risk management leaders should use this research to develop successful RFPs that effectively communicate requirements.

Security operations technologies and services defend IT systems from attack by identifying threats and exposure to vulnerability — enabling effective response and remediation. The innovations included in this Hype Cycle aim to help security and risk management leaders strategize effectively.

Network infrastructure continues to get complex with cloud acceleration and changing network boundaries. External and internal attacks pose a threat that can lead to data loss, critical downtime and brand damage. SRM leaders should intensify their protection by deploying these security technologies.

Organizations struggle to obtain visibility of where IT operates, awareness of exposures, and the ability to detect and respond to threats. These cool vendors focus on innovative ways to support security operations through the use of automation and counterintuitive approaches.

Organizations commonly recognize a need for a threat detection and response capability but struggle to identify the best way to create and consume such a capability. Gartner presents a simple framework to help you identify which of the three main SOC approaches is right for your organization.

Security orchestration, automation and response tools enable organizations that have an appropriate level of preparation in their security operations processes to increase efficiency and consistency. Security and risk management leaders must prepare adequately to ensure value from such tools.

Security operations is a critical component of an effective security program to support organizational resilience. Gartner’s 2021 research will help guide security and risk management leaders to manage and defend their increasingly distributed organizations from exposures and threats.

Fixed and inflexible service criteria at the beginning of a managed security service contract may fail to meet business risk requirements long-term. Midsize enterprise CIOs must identify behaviors indicating a need to change the MSS provider, and perform critical activities during a transition.

BT is on a journey to become a leaner, more cost-efficient and agile organization to support customers’ business outcomes by helping them manage growing digital choice and complexity. IT leaders of global organizations should evaluate BT for its managed services portfolio and broad geographic reach.

AT&T continues to face pressure after acquiring Time Warner and, after years of shaving off 4% of employees annually, we’re finally seeing a big push by AT&T to become a digital business. IT leaders must ensure AT&T’s future product focus areas are aligned with their own future needs.

The demand for managed security services, from small and midsize businesses to large enterprises, has increased during the past several years. Security and risk management leaders can use this RFP toolkit to select the most appropriate MSSP for their IT, security and business requirements.

Managed security services (MSSs) provide organizations with remote 24/7 monitoring of security technologies and response to security events across a range of environments. Security and risk management leaders use MSSs to identify, advise and, where appropriate, respond to threats on their behalf.

End-user spending for the information security and risk management market is estimated to grow at an 8.3% CAGR from 2019 through 2024 to $211.4 billion in constant currency. There is an increased demand for access management, endpoint point security technologies and security information and event management

As attackers get more sophisticated and targeted, security and risk management leaders need to look at innovative ways to protect organizations. This Cool Vendors research highlights four vendors that are taking a different approach to network and endpoint security.

Security and risk management leaders buying threat detection and incident response functions from service providers must compare solutions to choose the right vendor. Map your risk-based use cases and response requirements, and compare them with the providers’ coverage for an effective evaluation.

MDR services offer turnkey threat detection and response via modern, remotely delivered, 24/7 security operations center capabilities and technology. Security and risk management leaders should use this research to determine whether MDR is a good fit with their operational security requirements.

The SLAs that accompany detection and response services are often neither valuable, nor do they promote good service quality. Security and risk management leaders require a wider view of the indicators for measuring managed services to ensure the correct level of integration and efficiency.

Network security technologies protect IT systems, platforms and applications from attacks through prevention and immediate automatic response. Security and risk management leaders should employ these technologies where infrastructure may be at risk of compromise by external and internal threats.

Security operations technologies and services defend IT systems from attack through the identification of threats and exposure to vulnerability, enabling effective response and remediation. The innovations included here aim to help security and risk management leaders enhance their strategy.

Many organizations need to quickly improve their detection and response capabilities. Gartner recommends that they take a risk-based approach to answering the question, “Can we build a SOC capability on a budget, and where should we focus when time, resources and finances are short?”

With no defined standard as to what is included in threat detection and response and periphery services, it is difficult to directly compare what providers are delivering. Security and risk management leaders should recognize fundamental deliverables and align requirements to offerings.

The MSS market is diverse, and the traditional offerings are mature. Detection and response services have diverged from mainstream MSSs, and security device management services are highly commoditized. In this market, security and risk management leaders should focus on outcome-based requirements.

Broadcom continues to expand through acquisitions such as CA Technologies and Symantec’s enterprise business. Sourcing, procurement and vendor management leaders must evaluate how changes to Broadcom’s infrastructure software product and go-to-market strategies will impact their relationships.

Orange is making steady progress in driving digitalization and transformation initiatives for its enterprise customers. IT leaders evaluating IT and communications service needs as well as its existing customers should consider the range of Orange’s portfolio and its broad geographical coverage.

AT&T faces fresh challenges from 5G deployment impacting global consumers and enterprises, while it focuses further on media and entertainment revenue for expansion. IT leaders must ensure AT&T’s business and services align to their digital transformation and strategic objectives.

Security operations is a critical component of an effective security program. Gartner’s 2020 research will guide security and risk management leaders to enable effective threat and vulnerability management capabilities for their organizations.

Asking questions that reflect key requirements when engaging an MDR service provider, and managing risks associated with outsourcing threat detection and response, is critical. Security and risk management leaders should use this research when evaluating and implementing these services.

Dissatisfaction with security services often results from poorly communicated requirements and misaligned expectations during early engagement stages with providers. Security and risk management leaders should use this research to develop successful RFPs that effectively communicate requirements.

Buyers struggle to prepare effectively for the managed security service acquisition process. This Toolkit will provide security and risk management leaders assistance with one of the key fundamental challenges: identifying and defining relevant use cases....

As market demand shifts from protection to detection and response, managed detection and response providers have become attractive targets for mergers and acquisitions. Security and risk management leaders must understand the shifting market landscape and prepare for changes in services.

The demand for managed security services, from small and midsize businesses to large enterprises, has increased during the past several years. Security and risk management leaders can use this RFP toolkit to select the most appropriate MSSP for their IT, security and business requirements.

Threat-facing technologies aim to defend IT systems and applications from attacks through prevention, detection and effective response. Technologies and services included meet the security needs of end users who employ cloud and on-premises IT threatened by the evolving threat landscape....

Security and risk management leaders should consider new vendors of security technology to meet evolving requirements to detect and respond to threats. Cool vendors aren’t the right choice for every organization, but they demonstrate new approaches to address difficult issues....

Demands on managed security service providers have evolved to focus on the identification of exposure to, and the existence of, threats in customer environments. Security and risk management leaders responsible for security operations should use this research to evaluate and select providers....

A growing midmarket interest appears in detection-and-response-led services for the Europe region, along with ongoing data residency and regulation requirements. Security and risk management leaders should evaluate providers for quality and detail of outputs that align with their security maturity....

Managed security services is a market that is diversifying to meet the demands of a wide range of buyers. Security and risk management leaders should identify providers best aligned to their requirements, security maturity, and organization’s vertical, size, and geographic footprint....

Security orchestration, automation and response toolsets enable only organizations with the correct level of preparation in their security operations processes to increase security process efficiency. Security and risk management leaders must prepare adequately to ensure value from such toolsets.

Managed security service providers offer diverse interpretations of service types, making it difficult to directly compare what providers deliver. Security and risk management leaders should recognize fundamental deliverables and align requirements to offerings.

AT&T’s consumer and enterprise focus is transitioning to 5G and IoT as it seeks to transform into a media and entertainment player, and continue its global expansion. IT leaders considering AT&T services must ensure AT&T’s business and digital transformation efforts meet their strategic objectives.

MSS SLAs in their current format are neither valuable, nor do they promote good service quality. Security and risk management leaders require a wider view of the indicators for measuring managed security services to ensure their organization receives the correct level of integration and efficiency.

A SOC provides centralized and consolidated cybersecurity incident prevention, security event monitoring, detection and response capabilities, and supports other business unit requirements. This research helps security and risk management leaders identify the best SOC model for their organization.

Security and risk management leaders’ teams seek to retain and have access to relevant security logs and data for investigation and compliance uses. SRM leaders should use decision markers to identify the best data management approach.

Threat-facing technologies aim to prevent and protect IT systems and applications from attack, enabling fast and effective response. Technologies included meet the security needs of end users who utilize cloud and enterprise infrastructure that is threatened by the evolving threat landscape.

Managed detection and response services allow organizations to add 24/7 dedicated threat monitoring, detection and response capabilities via a turnkey approach. Security and risk management leaders can use this research to determine whether MDR services are appropriate for their environments.

Managed security service pricing models vary across the market, specifically among MSSPs, MDR service providers and co-managed SIEM service providers. This research makes it easier for security and risk management leaders to decide which model to select to meet their current business requirements.

Security and risk management leaders should consider new technologies that enable the continuous business revolution, rather than retaining the gate-driven, blocking models of traditional security. Cool Vendors aren't for everyone; however, they demonstrate innovative market directions.

Security and risk management leaders have more security event monitoring options today than they did years ago. Use this research to help make the most appropriate choices based on specific use cases, the IT environment and available resources, and as a guide to the most relevant Gartner research.

Security and risk management leaders should consider new vendors of security technology and services to address security monitoring and vulnerability management requirements. Cool Vendors aren't the right choice for every organization, but they demonstrate new approaches to address difficult issues.

Buyers struggle to prepare effectively for the managed security service acquisition process. This Toolkit provides security and risk management leaders assistance with one of the key fundamental challenges: identifying and defining relevant use cases.

Strict compliance requirements surrounding data residency and breach notification dominate the named differentiators of the MSS market in Europe. Security and risk management leaders should evaluate global and local providers in line with EU data residency, language and regulatory requirements.

Security and risk management leaders interested in managed security services for threat detection, security technology management and compliance concerns should use this Magic Quadrant to help identify and evaluate providers with the ability to deliver services globally.

Security analytics isn't a market; it's a set of methods and technologies that vendors implement to address some security use cases. To reduce vendor hype and to optimize investments in security analytics tools, SRM leaders need to analyze their use cases, and map them to security analytics methods.

The demand for managed security services, from small and midsize businesses to large enterprises, has increased during the past several years. Security and risk management leaders can use this RFP toolkit to select the most appropriate MSSP for their IT, security and business requirements.

Managed security service providers define their own service descriptions, making it difficult to directly compare them. Security and risk management leaders can use this research to recognize which service deliverables are most fundamental, helping buyers align their requirements to MSSP offerings.