Great reflection Richard. Thank you for your frequent updates on the changing landscape of this critical sector.
Statistics may solicit different views depending on individual perspectives, but ultimately this is one sector where investors, vendors, founders, and customer decision-makers are mostly aligned about the value of information that can be gained from the stats. I wonder how the total universe of vendors (3,764) and products (19,900+) would compare with those being analyzed by Gartner (134 and 258 respectively)?
Similarly, it would be useful to know how investors are supporting each of the 24 sub-sectors (the Gartner MQ’s), and how their attention shifts between technologies over time, or in response to most current headline-grabbing attacks. Does the dynamic nature of cybercrime encourage investment in multi-product vendors or is there an innate trust in the longevity of point solutions? Basic data such as deal size per vendor and number of investors per deal would be interesting.
Another metric I think would be of interest to our wider community is understanding how cybercrime/attacks are spread across all the security sub-sectors. My interest here is not to identify vendors, products, or services that have failed to prevent a breach but rather to determine how and where cybercriminals are focusing their attention, and how we as an industry are responding.
I do not believe victims of cybercrime should be penalized, which seems to be a regulator's current response. Similarly, organizations already invest in hybrid technologies/solutions protection, and they need to accept that finding fault in one component of many does not resolve the vulnerability of critical business continuity. It is not easy to find the best complimentary mix and each scenario needs careful thought to identify and avoid different threats that can expose many new risks.
Finally, is there an easy way to categorize vendors into the appropriate MQ? The current MQ labels can be quite broad, and I expect Gartner and other analysts may create new categories as vendors innovate new solutions to respond to new attack methodologies. Do you have a timeline graphic of how the categories have grown over the years?
Thanks for this Chris. First of all, venture capital, almost by definition, should stay away from categories that have magic quadrants. By the time there is an MQ the winners and also-rans have already been determined. This is when Wall Street investors start to take on the burden.
It should be fairly easy to identify all the vendors left out of the particular MQs. But that would still leave 80% without an MQ.
Richard this quote is such a powerful reason for customers to subscribe to IT-Harvest alone or in addition to an existing Gartner subscription .... "That would mean that Gartner MQs provide guidance on 1.3% of the universe of products." Awesome article!!
A universe is not a universe, until it is. Word. Inspired by Richard Stiennon.
Data talks! Great analysis, Richard. The world should watch what you're finding and act based on the data you present.
Thanks Tom!
Great reflection Richard. Thank you for your frequent updates on the changing landscape of this critical sector.
Statistics may solicit different views depending on individual perspectives, but ultimately this is one sector where investors, vendors, founders, and customer decision-makers are mostly aligned about the value of information that can be gained from the stats. I wonder how the total universe of vendors (3,764) and products (19,900+) would compare with those being analyzed by Gartner (134 and 258 respectively)?
Similarly, it would be useful to know how investors are supporting each of the 24 sub-sectors (the Gartner MQ’s), and how their attention shifts between technologies over time, or in response to most current headline-grabbing attacks. Does the dynamic nature of cybercrime encourage investment in multi-product vendors or is there an innate trust in the longevity of point solutions? Basic data such as deal size per vendor and number of investors per deal would be interesting.
Another metric I think would be of interest to our wider community is understanding how cybercrime/attacks are spread across all the security sub-sectors. My interest here is not to identify vendors, products, or services that have failed to prevent a breach but rather to determine how and where cybercriminals are focusing their attention, and how we as an industry are responding.
I do not believe victims of cybercrime should be penalized, which seems to be a regulator's current response. Similarly, organizations already invest in hybrid technologies/solutions protection, and they need to accept that finding fault in one component of many does not resolve the vulnerability of critical business continuity. It is not easy to find the best complimentary mix and each scenario needs careful thought to identify and avoid different threats that can expose many new risks.
Finally, is there an easy way to categorize vendors into the appropriate MQ? The current MQ labels can be quite broad, and I expect Gartner and other analysts may create new categories as vendors innovate new solutions to respond to new attack methodologies. Do you have a timeline graphic of how the categories have grown over the years?
Thanks for this Chris. First of all, venture capital, almost by definition, should stay away from categories that have magic quadrants. By the time there is an MQ the winners and also-rans have already been determined. This is when Wall Street investors start to take on the burden.
It should be fairly easy to identify all the vendors left out of the particular MQs. But that would still leave 80% without an MQ.
Richard this quote is such a powerful reason for customers to subscribe to IT-Harvest alone or in addition to an existing Gartner subscription .... "That would mean that Gartner MQs provide guidance on 1.3% of the universe of products." Awesome article!!
Thank you Gretchen! Much appreciated.
Great write up! It's so fascinating.
Thanks!
Thanks for the post Richard !!