Great reflection Richard. Thank you for your frequent updates on the changing landscape of this critical sector.
Statistics may solicit different views depending on individual perspectives, but ultimately this is one sector where investors, vendors, founders, and customer decision-makers are mostly aligned about the value of information that can be gained from the stats. I wonder how the total universe of vendors (3,764) and products (19,900+) would compare with those being analyzed by Gartner (134 and 258 respectively)?
Similarly, it would be useful to know how investors are supporting each of the 24 sub-sectors (the Gartner MQ’s), and how their attention shifts between technologies over time, or in response to most current headline-grabbing attacks. Does the dynamic nature of cybercrime encourage investment in multi-product vendors or is there an innate trust in the longevity of point solutions? Basic data such as deal size per vendor and number of investors per deal would be interesting.
Another metric I think would be of interest to our wider community is understanding how cybercrime/attacks are spread across all the security sub-sectors. My interest here is not to identify vendors, products, or services that have failed to prevent a breach but rather to determine how and where cybercriminals are focusing their attention, and how we as an industry are responding.
I do not believe victims of cybercrime should be penalized, which seems to be a regulator's current response. Similarly, organizations already invest in hybrid technologies/solutions protection, and they need to accept that finding fault in one component of many does not resolve the vulnerability of critical business continuity. It is not easy to find the best complimentary mix and each scenario needs careful thought to identify and avoid different threats that can expose many new risks.
Finally, is there an easy way to categorize vendors into the appropriate MQ? The current MQ labels can be quite broad, and I expect Gartner and other analysts may create new categories as vendors innovate new solutions to respond to new attack methodologies. Do you have a timeline graphic of how the categories have grown over the years?
Richard this quote is such a powerful reason for customers to subscribe to IT-Harvest alone or in addition to an existing Gartner subscription .... "That would mean that Gartner MQs provide guidance on 1.3% of the universe of products." Awesome article!!
A universe is not a universe, until it is. Word. Inspired by Richard Stiennon.
Data talks! Great analysis, Richard. The world should watch what you're finding and act based on the data you present.
Great reflection Richard. Thank you for your frequent updates on the changing landscape of this critical sector.
Statistics may solicit different views depending on individual perspectives, but ultimately this is one sector where investors, vendors, founders, and customer decision-makers are mostly aligned about the value of information that can be gained from the stats. I wonder how the total universe of vendors (3,764) and products (19,900+) would compare with those being analyzed by Gartner (134 and 258 respectively)?
Similarly, it would be useful to know how investors are supporting each of the 24 sub-sectors (the Gartner MQ’s), and how their attention shifts between technologies over time, or in response to most current headline-grabbing attacks. Does the dynamic nature of cybercrime encourage investment in multi-product vendors or is there an innate trust in the longevity of point solutions? Basic data such as deal size per vendor and number of investors per deal would be interesting.
Another metric I think would be of interest to our wider community is understanding how cybercrime/attacks are spread across all the security sub-sectors. My interest here is not to identify vendors, products, or services that have failed to prevent a breach but rather to determine how and where cybercriminals are focusing their attention, and how we as an industry are responding.
I do not believe victims of cybercrime should be penalized, which seems to be a regulator's current response. Similarly, organizations already invest in hybrid technologies/solutions protection, and they need to accept that finding fault in one component of many does not resolve the vulnerability of critical business continuity. It is not easy to find the best complimentary mix and each scenario needs careful thought to identify and avoid different threats that can expose many new risks.
Finally, is there an easy way to categorize vendors into the appropriate MQ? The current MQ labels can be quite broad, and I expect Gartner and other analysts may create new categories as vendors innovate new solutions to respond to new attack methodologies. Do you have a timeline graphic of how the categories have grown over the years?
Richard this quote is such a powerful reason for customers to subscribe to IT-Harvest alone or in addition to an existing Gartner subscription .... "That would mean that Gartner MQs provide guidance on 1.3% of the universe of products." Awesome article!!
Great write up! It's so fascinating.
Thanks for the post Richard !!