Tag: cybersecurity

Cybersecurity Services PEAK Matrix® Assessment 2024 – North America


The increasing reliance on digital technologies has driven a significant rise in demand for robust cybersecurity services in North America. The rapid adoption of cloud computing, IoT devices, and remote work has expanded the attack surface for cybercriminals, making organizations more vulnerable to sophisticated threats such as data breaches and ransomware. This has created urgent challenges for enterprises, such as a shortage of skilled professionals and strict regulatory requirements.

Providers are developing advanced cybersecurity solutions, such as AI-driven threat detection, zero trust, secure access service edge, gen AI security, quantum security, and autonomous security operations centers, to combat these challenges. They are also investing in talent development and automation to address the skill gap. As the digital landscape evolves, the focus on proactive and adaptive security measures is expected to drive continued growth in cybersecurity.


What is in this PEAK Matrix® Report

In this research, we assess 30 North American cybersecurity providers featured on the Cybersecurity Services PEAK Matrix® Assessment 2024. The assessment is based on Everest Group’s annual RFI process for the calendar year 2024, interactions with leading cybersecurity providers, client reference checks, and ongoing analysis of the cybersecurity services market.

Scope:

  • Industry: all-encompassing industries worldwide
  • Geography: North America

Contents:

In this report, we cover:

  • Cybersecurity Services PEAK Matrix® characteristics in North America
  • Enterprise sourcing considerations
  • Providers’ key strengths and limitations in North America

What is the PEAK Matrix®?

The PEAK Matrix® provides an objective, data-driven assessment of service and technology providers based on their overall capability and market impact across different global services markets, classifying them into three categories: Leaders, Major Contenders, and Aspirants.


Gen AI and the Future of Cybersecurity: Advanced Strategies for Cyber Defense | Webinar

ON-DEMAND WEBINAR


Generative AI (gen AI) is growing in popularity and is rapidly reshaping the cybersecurity landscape with its innovative capabilities.

This webinar, drawing from current advancements and Everest Group’s recent research, provided cybersecurity buyers and service providers with insights into new developments, emerging applications, challenges, and opportunities presented by gen AI in cybersecurity.

What questions did the webinar answer?

  • What are the drivers and inhibitors for gen AI adoption in cybersecurity?
  • What are some of the emerging gen AI use cases in cybersecurity?
  • What should enterprises do with gen AI in cybersecurity?
  • What should service providers do with gen AI in cybersecurity?

Who should attend?

  • CISOs and CIOs
  • Security and cybersecurity leaders
  • Heads of outsourcing
  • Procurement heads
  • Vendor managers
  • Service provider leaders

Kumar Avijit, Vice President
Arjun Chauhan, Senior Analyst
Yugal Joshi, Partner

CrowdStrike Backs Microsoft’s Demand for Reducing Kernel-level Access | In the News

In a significant shift in the security landscape, CrowdStrike appears to be aligning with Microsoft’s demand to reconsider kernel-level access for security vendors.

“I foresee the security landscape evolving with Microsoft’s push to limit kernel-level access, and in the near term, we do not anticipate a significant shift in the security landscape due to Microsoft’s push to limit kernel-level access,” said Arjun Chauhan, Senior Analyst at Everest Group.

Read more in CSO.

Back to the Future: Windows Update Is Now a Trojan Horse for Hackers | In the News

A recent discovery has revealed a serious flaw in Microsoft’s Windows update.

“Although Microsoft has stated that it has not observed these downgrade attacks occurring in the wild, the lack of a reliable solution six months after the SafeBreach team reported the vulnerability raises concerns about Microsoft’s ability to effectively address this issue,” said Arjun Chauhan, Senior Analyst at Everest Group.

Read more in CSO.

The CrowdStrike Update Incident: Readying for the Next Black Swan Event | Blog

In just 78 minutes, a faulty update from CrowdStrike caused global chaos, grounding flights, disrupting hospitals, and halting banking services. This incident serves as a stark reminder of the urgent need for enterprises to bolster their resilience strategies. Read on to learn the essential steps enterprises must take to prepare for future disruptions. For more details, reach out to us to discuss this topic further.

What happened, and how did it happen?

CrowdStrike pushed a faulty sensor configuration update for Falcon that caused Windows devices to crash; Linux and Mac devices weren’t impacted by this update. The update was pushed on July 19, 2024, at 4:09 UTC, and the remediation was provided on July 19, 2024, at 5:27 UTC – within 78 minutes, but these 78 minutes were enough to create waves that would result in major economic and societal impacts. CrowdStrike (or any other large software provider) can make kernel-level changes in Windows, and it was a kernel-level change that resulted in the Blue-Screen-of-Death (BSOD) error. This approach is very different from Mac: Apple revoked kernel access for technology providers in 2020, but that forced many technology providers to rewrite their entire software.

In its recent press release, Microsoft confirmed that close to 8.5 million Windows devices were impacted (less than 1% of overall global Windows devices), but we can’t ignore the severity of the impact.

Impacts of the faulty CrowdStrike update

Some of the major impacts were felt across the companies that directly dealt with end-consumers, including:

  • Airlines: Thousands of flights were canceled across the globe owing to the system outage on Windows devices. Delta alone reported that the pause in Delta’s operation resulted in more than 3,500 canceled Delta and Delta Connection flights through July 20. It wasn’t just the airlines; airports too suffered severely, with disruptions reported in airports around the world, such as Hong Kong; Sydney, Australia; Berlin; and Amsterdam
  • Healthcare: Several hospitals across the globe were impacted by the outage. In some cases, the outage resulted in the cancelation of non-critical surgeries. US-based Kaiser Permanente, which runs 16 hospitals and 197 medical offices across Southern California and provides care to 12.6 million members in the United States, said that all of its hospitals were affected, and it activated backup systems to keep caring for patients. In the UK, doctors were not able to access their online booking systems, and there are reports of cancelation of non-critical surgeries in Germany
  • Banks: Multiple banks saw disruption in services across the globe. Some of the leading ones that were unavailable are Arvest Bank, Bank of America, Capital One, Charles Schwab, Chase, TD Bank, US Bank, and Wells Fargo. There are reports of banks facing outages in Asia as well; the Reserve Bank of India (RBI) mentioned 10 Indian banks and NBFCs experienced minor disruption in services due to the CrowdStrike update

Microsoft called this outage a demonstration of the “interconnected nature of our broad ecosystem,” but this raises a lot of questions about how software updates are pushed, whether enterprises should trust all the updates, and what to do in such situations. In one interview, the Chair of the Federal Trade Commission said, “These incidents reveal how concentration can create fragile systems.”

Typical enterprise challenges that make these incidents more severe

This is not a one-off incident, and in no logical sense will this be the last either. Enterprises face several challenges in managing these kinds of incidents, but some of the biggest challenges are as follows:

  1. Lack of agility: Enterprises often struggle to quickly adapt to and mitigate unexpected issues due to rigid processes and slow decision-making
  2. Complex infrastructure: Diverse and outdated systems increase the difficulty in identifying and resolving issues, prolonging outages
  3. Gigantic scale: Large enterprises operate vast and interconnected systems, making it challenging to quickly isolate and resolve issues, leading to widespread disruptions
  4. Limited asset visibility: Inadequate tracking of assets hampers the ability to pinpoint and address affected components swiftly, exacerbating the impact of incidents

What should enterprises do for a long-term fix?

Enterprises must prioritize building business resilience to address black swan events, such as the CrowdStrike update incident or the COVID-19 pandemic. Business resilience is the ability of an enterprise to quickly adapt to disruptions while maintaining continuous operations and safeguarding people, assets, and brand equity. This approach not only ensures long-term sustainability but also provides a competitive advantage, as demonstrated by airlines and banks that remained unaffected.

One of the core pillars of business resilience is cyber resilience, which is more about how to deal with zero-day attacks that can literally halt the business operations of a company. We have internally developed a cyber resilience framework called 5R. Our 5R framework can help enterprises remain cyber resilient in the face of such black swan events.


A parallel can be drawn for operational resilience, the other important half of business resilience, using the same framework – enterprises can look at these individual 5Rs of Ready, Respond, Recover, Reinforce, and Revamp from a business perspective. In CrowdStrike’s faulty update push case specifically, enterprises need to focus on Reinforcing their learnings and leverage supply chain best practices to make sure that the impact of black swan events can be minimized.

To summarize, here are some key actions enterprises should take for a long-term fix:

  1. Emphasize innovation in business resilience: While enterprises understand its importance, there has been little innovation in business resilience. Invest in solutions that match advancements in cybersecurity, cloud, and apps
  2. Focus on cyber resilience: Develop strategies to manage zero-day attacks and other cyber threats, using frameworks like the internally developed 5R framework
  3. Enhance operational resilience: Ensure continuity during disruptions by adopting best practices and integrating supply chain management to mitigate unexpected impacts
  4. Foster strategic collaboration: Collaborate closely with service providers to build effective resilience frameworks, moving beyond treating them as mere order-takers
  5. Establish Objectives and Key Results (OKRs) and Service Level Agreements (SLAs) on business resilience: Implement OKRs and SLAs to measure and ensure business resilience, aligning them with strategic goals for continuous improvement

While talking to some enterprises over the “outage weekend,” we realized how the industry leaders are looking to build stronger OKRs around business resilience and tie them to SLAs. Some of the OKRs and corresponding SLAs that we discussed are added below:

| Objective | Key result | SLAs |
|---|---|---|
| Ensure operational continuity | Reduce system downtime by XX% | Maximum allowable downtime of XX hour per month |
| Enhance disaster recovery capabilities | Implement automated backup solutions across all systems | Data backup completed within XX hours of changes |
| Strengthen cybersecurity posture | Decrease security incidents by XX% | Incident response time of less than XX minutes |
| Improve supply chain resilience | Diversify suppliers for key components | XX% of key suppliers with alternative sourcing options |
| Boost employee readiness | Conduct quarterly business resilience training sessions | XX% employee participation in training sessions |

How should enterprises partner with service providers to establish business resilience?

Enterprises should strategically identify and align with key service providers within their ecosystem to enhance business resilience, including preparation for black swan events. Service providers specializing in infrastructure management and cybersecurity services are ideal partners, as these areas are more crucial to overall business resilience. Opting for one or two partners enhances accountability and effectiveness in resilience efforts. Here are key recommendations for enterprises for choosing a strategic partner for business resilience:

  1. Enhanced protection strategies: Partner with service providers to implement comprehensive protection solutions, including real-time risk detection and response. This collaboration helps safeguard against disruptions, ensuring continuous operations
  2. Frequent data back-ups and recovery services: Ensure service providers offer automated, regular data backups and quick recovery solutions. This strategy enables swift restoration of operations after data loss or corruption, minimizing downtime
  3. Better asset visibility: Work with service providers to gain enhanced visibility into digital assets through advanced tools and platforms. Effective monitoring and management of infrastructure allow for quick identification and resolution of potential issues
  4. Robust supply chain through sandboxing: Encourage service providers to implement sandboxing techniques to test and validate software supply chain updates in a controlled environment. This approach ensures robust and resilient supply chain operations that can adapt to disruptions
  5. Training employees on business resilience: Collaborate with service providers to conduct regular training sessions for employees on business resilience strategies. This training equips employees with the knowledge and skills needed to handle disruptions and maintain operational continuity

The recent CrowdStrike update incident underscores the vital need for robust business resilience. To mitigate future disruptions, enterprises should invest in innovative resilience strategies, enhance cybersecurity measures, and collaborate with service providers to ensure continuous operations and safeguard their assets. To learn more about the 5R framework or for questions, reach out to Arjun Chauhan or Kumar Avijit.

Watch the webinar, Gen AI and the Future of Cybersecurity: Advanced Strategies for Cyber Defense, for insights into new developments, emerging applications, challenges, and opportunities presented by gen AI in cybersecurity.

Safeguarding Ethics and Cybersecurity in the AI-Driven Corporate Realm | In-Person Roundtable

Invite only


May 23, 2024

6:00 p.m. to 9:00 p.m.

Facilitated by Everest Group

SLB is subscribed to Everest Group memberships. As you know, Everest Group hosts events to help our member GCC clients exchange perspectives and best practices and to help us deliver well-rounded insights for our members.

We are excited to extend an invitation to you for the SLB Industry Networking Dinner Event, moderated by Everest Group, an in-person roundtable discussion. Topics covered will include:

  • Perception and adoption: How do you perceive the current state of AI ethics and cybersecurity in the corporate world? What factors are driving adoption or resistance?
  • Risk management: How do you approach risk management in AI projects, particularly around ethics and cybersecurity risks?
  • Accountability and transparency: How do you ensure AI systems’ accountability and transparency? How do you communicate this to stakeholders?
  • Future preparedness: What steps are you taking to future-proof your organization against emerging AI ethics and cybersecurity challenges?

What will you take away?

  • Actionable strategies to help leaders lead ethics, cybersecurity, and AI-driven initiatives from their GCCs
  • Key focus areas and provocations for success in 2024
  • Success stories from best-in-class peers

Session details

  • Date: Thursday, May 23, 2024
  • Venue: Schlumberger Pune India Technology Center (PITC), Commerzone IT Park, Yerawada, Pune
  • Time: 6:00 p.m. to 9:00 p.m.

Who should attend?

  • GCC heads
  • GCC strategy leaders
  • Technology function leaders


Roundtable guidelines

The only price of admission is participation. Attendees should be prepared to share their experiences and be willing to engage in discourse. Participation is limited to enterprises/GCCs (no service providers). Everest Group will approve attendance to ensure an appropriate size and mix of participants. The roundtable includes introductions, a short presentation, and a facilitated discussion.

Kindly confirm your attendance by Thursday, May 9, by replying to this email. This Executive Roundtable is a unique opportunity to connect with industry leaders, share perspectives, and collectively shape a more inclusive and forward-thinking workplace. If you have any questions or require further information, please don’t hesitate to contact us.

We look forward to your participation in this event!

Speaker
Anish Agarwal
Practice Director, Everest Group

The Future of Cybersecurity: Key Takeaways from RSA Conference 2024 | Blog

Discover the pivotal moments of RSA Conference 2024 in San Francisco, where AI’s transformative potential took center stage alongside the rise of cybersecurity platformization and the urgent focus on industrial security. Read on to uncover the conference’s highlights and how AI may shape the future of cyber-protection.

Like most years, the city of San Francisco came to life with the annual RSA Conference, held at Moscone Center from May 6 – 9. This time, it saw 40,000+ attendees, with hundreds of exhibitors both at the conference expo floor and in and around the Moscone Center. The city of San Francisco also ensured a smooth experience for visitors moving around the conference areas. Let’s explore the key highlights from the conference.

Art of AI possible

The theme of RSA Conference 2024 was the “art of the possible,” and it truly lived up to its tagline, with a variety of AI-possible use cases and applications in cybersecurity demonstrated at large scale. There is increasing chatter and buzz from vendors about everything being AI-powered, AI-orchestrated, and AI-delivered. Most vendors are leveraging AI to enhance their capabilities, and at the same time, there are vendors who are positioning their existing offerings to secure LLMs/AI. Again, at this point, all conversations are about AI governance, and not a single vendor solution exists that can completely secure the model, applications, data, and infrastructure for the AI era.

Everest Group’s recent interactions with enterprise clients demonstrate that AI adoption is still very early, with most enterprises still in the wait-and-watch state. We have built a framework to evaluate AI-driven gains in cybersecurity, which helps enterprises select the right use case for cybersecurity adoption. Learn more about the framework.

Ushering the platformization era in cybersecurity

The platform story in cybersecurity is gaining further momentum, and we’re seeing vendors expanding capabilities centered around their core offerings. As enterprises pivot preferences from best-of-breed to easy-to-integrate, the platform narrative will get stronger. We also see large system integrators building platforms to enable service delivery. Learn more about the key traits of successful platforms.

Industrial and critical infrastructure remain top of mind

Almost all the conversations with system integrators strongly focused on operational technology (OT) security, which clearly is a high-opportunity area across different industries such as manufacturing, energy & utilities, and critical infrastructure (water, pipeline, etc.). Enterprises’ realization that the IT-OT air gap no longer exists, and that the lack of security controls in their legacy OT systems requires fortification, has driven demand for OT security solution providers. To learn more about OT providers and products, Everest Group analyzed nine global OT security technology providers and featured them on the Operational Technology (OT) Security Products PEAK Matrix® Assessment 2023.

Focused partnerships and alliances

We notice the partner and alliances ecosystem evolving between system integrators and technology vendors. A slew of announcements by technology vendors shows intent to be deeply entrenched with SIs and drive joint market outcomes. Further, we see system integrators picking and choosing partnership preferences, categorizing technology vendors across three main categories, and holding different market perceptions of them. Learn more about the three categories and service providers’ perceptions.

Role of Government in shaping regulation and cybersecurity

US federal government agencies (FBI, CISA, and Homeland Security) have been regular participants at the RSAC conference in the past. This time, the highlight of the conference was the keynote from US Secretary of State Antony J. Blinken. This strong presence at a top cybersecurity conference highlights the US government’s urgency on cybersecurity and its role in driving cybersecurity investments. Further, CISA’s latest “secure by design” initiative has seen signatures from 68+ technology vendors, including Microsoft, Google, Cisco, AWS, and IBM. The pledge is a voluntary commitment to “make a good-faith effort to work towards” seven goals within a year of signing and to show measurable progress on the goals. CISA plans to recruit more volunteers and monitor the progress of all signatories at next year’s RSAC conference.

The current cybersecurity landscape is more complex than ever, with threat actors not leaving any respite for government agencies, technology vendors, system integrators, and other ecosystem participants. It is yet to be seen who will emerge victorious in this race to be cyber-protected. It could be that AI-led security outcomes will help determine the winner.

To learn more about the cybersecurity landscape or to ask questions, reach out to Abhishek Singh and Kumar Avijit.
