Tag: cybersecurity

RSA 2023 Conference Sizzles with Focus on Artificial Intelligence for Cybersecurity | Blog

Generative Artificial Intelligence, threat detection and response, simpler cybersecurity solutions, attack vectors, and identity and access management were among the key cybersecurity industry trends grabbing attention at the RSA Conference in San Francisco. Read on to learn the main takeaways from our analysts who attended the recent event.

You can also reach out to us to learn more.

The annual RSA Conference (RSAC) lived up to the expectations of being one of the industry’s largest cybersecurity events, with 40,000-plus attendees packing the Moscone Center over four active days. The energizing atmosphere showed the cybersecurity community’s eagerness to meet and socialize again post-pandemic.

Here are the main cybersecurity industry trends we saw at RSAC 2023.

Generative Artificial Intelligence (GAI)

Generative AI stole the show with widespread discussion on the technology in every corner of the trade show floor that continued at social gatherings. Among the many new products launched at the event was Google Cloud’s Security AI Workbench, based on its propriety security large language model (LLM) Sec-PaLM that includes data sets from Chronicle VirusTotal and Mandiant threat intelligence.

In the past few years, advanced AI and Machine Learning (ML)-based technologies and use cases have swept the cyber industry. But we have never seen such a level of hype as garnered by Microsoft’s announcement of Security Copilot, based on  OpenAI’s GPT-4 Generative AI. This security analysis feature is aimed at helping security professionals understand threat landscapes and quickly detect and respond to potential threats.

Generative AI’s many benefits outweigh security concerns, especially in the talent-crunched cyber market. It can play a defining role in bringing efficiencies in security operations and scaling talent readiness.

Among potential areas we see Generative AI playing a larger role are summarizing incidents and findings, generating clear and concise reports and presentations, and augmenting human analyst capabilities by tailoring responsibilities to the organization’s landscape and enhancing the analyst experience.

Threat detection and response

Managed detection and response (MDR) and extended detection and response (XDR) providers had one of the largest presences at expo booths. As detection and response emerges as a primary shield by enterprises to protect and defend against cyber attacks, demand is increasing for MDR services.

Further, enterprises demand extensive telemetry coverage across not only traditional touchpoints such as endpoints and networks but also across next-generation touchpoints such as cloud, SaaS applications, and Internet of Things/operational technology (IoT/OT).

Our recent analysis of 27 MDR service providers in the Managed Detection and Response (MDR) Services PEAK Matrix® Assessment 2023, found OT and IoT monitoring and response are key differentiators within enterprises.

Shift from best of breed to ease of integration and management

Cybersecurity point solutions have grown 13 times in the past decade, increasing complexity and slowing enterprise decision-making. Enterprises are demanding a shift from best-of-breed solutions to future-proof solutions that are easy to integrate and manage.

This is creating opportunities for providers to approach the enterprise cybersecurity landscape with a consolidation mindset, drive simplification, and reduce the total cost of ownership.

Attack vectors remain a constant

Vulnerabilities, cyber-attacks, ransomware, supply chain security, software bill of materials (SBOM), and breaches remained the buzz at RSAC 2023. Aggravated by the ever-changing and never-ending regulations, the C-suite is in the middle of cybersecurity action, and cybersecurity providers must focus on boardrooms for budget approvals.

Year of identity

Will 2023 be the year of identity? Identity and access management has risen as an area getting maximum budget allocations and missing the CFO’s axe in the current macroeconomic headwinds. Enterprises are looking to get started with identities to fortify their cybersecurity posture, kickstart the zero-trust journey, enhance customer experience, and drive business outcomes from cyber investment.

Everest Group will continue to investigate this growth area. Stay tuned for our inaugural Identity and Access Management PEAK Matrix Assessment.

To discuss RCA and cybersecurity industry trends, please reach out to [email protected] and [email protected].

Dive further into the current Generative AI discussion in our webinar, Welcoming the AI summer: How Generative AI is Transforming Experiences.

Oracle Adds Free Confidential Computing Option to Cloud Service | In the News

Oracle today added a confidential computing capability to its Oracle Cloud Infrastructure service at no extra cost. The service is based on AMD Secure Encrypted Virtualization (SEV) or AMD Secure Memory Encryption (SME) processors.

It’s not clear whether confidential computing will ever become the default option for deploying application workloads in the cloud, but a recent report by Everest Group forecasts the total addressable market for confidential computing could grow to US$54 billion by 2026, up from roughly US$2 billion last year.

Read more in Security Boulevard.

Securing Cloud Tech Stacks with Zero Trust Will Drive Growth of Confidential Computing | In the News

For enterprises to realize the potential that real-time datasets can deliver, cloud tech stacks need more security with zero trust. Confidential computing is essential to securing data at rest, in transit, and in use.

Compliance, privacy, and security use cases, particularly on public cloud, have gained the most significant traction, accounting for 30 to 35% of the worldwide market, according to Everest Groups’ report Confidential Computing: The Next Frontier in Data Security. And the confidential computing market is predicted to grow to US$54 billion by 2026.

Read more in Venture Beat.

Four Steps to Improve Cybersecurity Pricing and Feel More Secure with your Spend | Blog

Investing in cybersecurity can be costly for organizations but is essential in today’s risky environment. With a myriad of confusing pricing models, determining your cybersecurity spend shouldn’t be another threat. Learn some simple steps to feel more secure in negotiating cybersecurity pricing. 

Contact us to further discuss this topic or for questions.

With demand for cybersecurity services skyrocketing in recent years, budgeting decisions have moved beyond IT discussions to C-level conversations by the boards of the largest enterprises.

This focus at the highest levels, along with the rapid evolution of cybersecurity technologies and services, has brought an unintended pain point – unwieldy cybersecurity pricing structures with a great deal of overpricing by providers.

The problem is exacerbated by a few practical issues, including:

  • Vendors using different pricing models for the same service: For instance, pricing for Managed Detections and Response (MDR) solutions varies with CrowdStrike and Red Canary having per endpoint pricing, Sophos offering per user pricing, and Rapid7 following an asset-based pricing model
  • Inconsistency in defining unit-based pricing metrics: Even for seemingly commonplace services such as security information and event management (SIEM), some vendors consider peak values of events per second (EPS) while others consider average values
  • Semi-asset heavy pricing nature: Pricing is frequently a bundled black box with provider-financed licenses for cybersecurity platforms

It is not surprising that most enterprises we spoke with in the last twelve months were unsure whether they had struck the right deal with providers for their cybersecurity spend. Let’s explore this further.

Steps to achieve clearer cybersecurity pricing

Despite the nebulous structures, transparency in cybersecurity pricing can and should be achieved by following these four simple steps:

  1. Break the black box fee into logical components such as transformation costs, license costs, run fees, and project management office (PMO) charges
  2. Break the run fee to the lowest unit level, such as per endpoint for antivirus or per IP address for vulnerability management
  3. Benchmark the run fee pricing at this unit level
  4. Benchmark pricing of transformation costs, license costs, and PMO charges to achieve maximum benefits

The potential savings that can be realized by going through this process can be substantial, as illustrated in this example of a large natural resources company that had a standalone cybersecurity services relationship with a Tier-1 IT service provider.

The relationship had comprehensive coverage across the security value chain (including endpoint security, host intrusion prevention, endpoint detection and response, identity and access management, cloud security, firewalls, email gateways, network intrusion prevention, security information, and event management).

The provider financed licenses for CrowdStrike and Netskope, while the client financed licenses for other platforms such as Symantec and Palo Alto Networks. The contract had a black box fee model for a defined range of volumes (number of endpoints, firewalls, gateways, EPS, etc.).

Working closely with the client through the four-step process described above, we benchmarked the current cybersecurity spend. As a result, the client locked in a 16% spend reduction at renewal, even though the general pricing trend in the industry was clearly inflationary.

For more cybersecurity pricing tactics to increase contract efficiency and competitiveness, please reach out to [email protected] and [email protected].

Hear from our pricing experts as they discuss recent pricing trends, key tactics enterprises use to keep their software spend in check, and the outlook for software and cloud pricing in 2023 in this webinar, Software and Cloud Pricing and Contract Negotiations: Keep Spend in Check.

Digital Doppelgängers and Evil Twins: How Brands Can Guard against Identity Theft and Fraud in the Metaverse | In the News

Humans have a one-in-a-trillion chance of having a doppelgänger in the world—that is, someone who looks exactly like them down to their eyes, lips, and bone structure. But in an avatar-driven digital environment like the metaverse, another individual running around with your (digital) face is much more probable.

As reported by Everest Group in their “Taming the Hydra: Trust and Safety in the Metaverse” report, 55% of respondents in the US were concerned about the tracking and misuse of their personal data in the metaverse.

Read more in Fast Company.

Now is the Time to Protect Operational Technology Systems from Cyber Risks | Blog

With growing digitalization and interconnected devices, Operational Technology systems that monitor and control industrial processes in critical infrastructure are increasingly vulnerable to cyber attacks. Learn about the OT security concerns enterprises face and key considerations for selecting an OT security provider in this blog.   

Historically, IT and Operational Technology (OT) systems have been air-gapped, with little or no spending on Industrial Control Systems (ICS) security by enterprises. Further, most investments in industrial robots, SCADA, and PLC systems were made with a multi-decade horizon. This differs from IT investments, where the horizon is five years, and the technological refresh takes care of the security risk. Enterprises have been unwilling to touch OT systems because these big, monolithic systems ran well for many years, making security vulnerabilities and risks less of a priority to consider.

But OT systems – that power some of the nation’s most critical infrastructure – are at risk.

With the recent pandemic-driven digitization push and enterprises wanting to run resilient supply chains, these large monolithic untouched systems are now interconnected, making them highly prone to cyber attacks. These OT systems have also never been given basic security treatment of frequent patching, regular security updates, and periodic backups, which has further aggravated the issue.

Operational technology systems cyber attacks

Highly public cyber attacks on OT systems have raised awareness about the serious risks these security breaches can have on essential services, as seen in these industry-specific cases:

  • Manufacturing – This segment had the second-highest ransomware-associated data extortion attacks in 2021. Traditionally, plant machinery and equipment have been designed for performance and not security. But stalled assembly lines or production units directly impact end buyers and can be disastrous for manufacturers
  • Energy, utilities, and water – Threat actors have been targeting the most crucial elements in this critical infrastructure industry, mandating enhanced cybersecurity controls. Securing critical grid assets, substations, distribution pipelines, meters, etc., must be addressed
  • Oil and gas – Digitizing operations for improved efficiency has increased the attack surface and has made this area more vulnerable to threats. During the Russia-Ukraine war, states were reportedly involved in sponsoring attacks, leading governments across the world to alter or create industry regulations and guidelines

Operational technology systems key challenges

The increasing connectivity of operational technology with external networks has further exacerbated the many OT security challenges enterprises face. Major OT security concerns include asset identification, misaligned IT and OT functions, OT threat and asset intelligence, patching legacy infrastructures, OT vulnerability management, and network segmentation.

Based on market conversations with more than 100 market participants, Everest Group identified and prioritized the following key enterprise challenges.

Technology vendor snapshot for OT security


Source: Everest Group

Specialist providers can help enterprises navigate security challenges related to OT and ICS. Enterprises should seek technology solutions that allow them to quickly identify vulnerabilities and prioritize actions to reduce and eliminate potential risks.

A provider of choice should offer a single platform for visibility and threat monitoring while ensuring seamless integration with existing enterprise technology investments. The below capabilities illustrate what enterprises should look for when selecting an OT security provider.


By investing in tools that can provide vital intelligence and partnering with providers that offer compatible, industry-specific solutions and a skilled talent pool, enterprises can begin to thwart the growing risks to OT systems – before it is too late.

To discuss Operational Technology Systems and OT security, please reach out to [email protected] and [email protected].

Explore the top five demand themes in technology services – data and AI, cloud, experience, platforms, and security – driving growth for IT service providers in 2023 in our upcoming webinar, IT Service Provider 2023 Forecast: The Top 5 Themes for Growth and Wallet Share.

Top 5 Stories of the Week: Deloitte’s Cybersecurity Predictions, the True Cost of a Breach, AI’s New Diet | In the News

A new report released this week from Perception Point and Osterman Research found that, on average, companies pay $1,197 per employee each year to address cybersecurity incidents — which can add up quickly the larger an organization is.

Sandeep Pattathil, a Senior Analyst at the IT advisory firm, Everest Group, told VentureBeat that a major challenge still ahead will be quantum computing’s algorithmic advances — not speed.

Read more in VentureBeat

IT Security Services PEAK Matrix® Assessment 2022 – North America

Top IT Security Services in North America

Organizations are leveraging IT security services to improve their security postures and prepare for challenges such as ransomware attacks and business disruptions. The COVID-19 pandemic, the shortage of cybersecurity talent, and rising CAPEX and OPEX in maintaining in-house security teams, especially during the Great Resignation, have further accelerated the adoption of security services. The US federal government has taken a serious stance against cybercriminals and has been proactively making laws on a range of security challenges, such as Operational Technology (OT) security and data privacy laws, such as the California Consumer Privacy Act (CCPA). All these factors combined have surged IT security services demand across North America.

DOWNLOAD THE FULL REPORT IT Security Services PEAK Matrix® Assessment 2022 – North America

What is in this PEAK Matrix® Report:

In this PEAK Matrix® assessment, we:

  • Examine the profiles of 27 IT security service providers in North America
  • Study each provider’s strengths and weaknesses
  • Evaluate enterprise sourcing considerations

In this research, we present an assessment of 27 IT security service providers in North America. 

  • Geography: North America
  • Industries: all industries
  • Services: IT security services
  • The assessment is based on Everest Group’s annual RFI process for the calendar year 2022, interactions with leading IT security service providers, client reference checks, and an ongoing analysis of the IT security services market

LEARN MORE ABOUT IT Security Services PEAK Matrix® Assessment 2022 – North AmericA

Our Thinking

GettyImages 1443890653

Exploring the Importance of Post-quantum Cryptography: An Unbreakable Vault to Protect Enterprises Against Advanced Cyberattacks, Part 2

Cybersecurity is Becoming a Key Enterprise Spend Area
Market Insights™

Cybersecurity is Becoming a Key Enterprise Spend Area

Cybersecurity Market Shift - From Best-in-Class OR Easy-to-Integrate to Both
Market Insights™

Cybersecurity Market Shift – From Best-in-Class OR Easy-to-Integrate to Both

Service Providers’ Perceptions of Cybersecurity Technology Providers
Market Insights™

Service Providers’ Perceptions of Cybersecurity Technology Providers

What is the PEAK Matrix®?

The PEAK Matrix® provides an objective, data-driven assessment of service and technology providers based on their overall capability and market impact across different global services markets, classifying them into three categories: Leaders, Major Contenders, and Aspirants.

LEARN MORE ABOUT Top Service Providers

Cyber Insurance Market: Carriers Navigating through a Changing Risk Landscape

With increased cyber attacks and data breaches post-pandemic, cyber insurance to protect against the rising digital threats is growing in demand. Cyber insurers can benefit by partnering with service providers to seize opportunities for growth and profitability in this fast-growing market. Read on to learn how.     

Cybersecurity continues to be a top priority for enterprises across all industries, primarily driven by increased cyber attacks and data breaches in the wake of COVID-19. Enterprises are increasingly strengthening firm-wide cyber defenses and turning to cyber insurance as a mitigating measure to counter the rising threats in today’s increasingly digitized world.

In particular, the pandemic has accelerated the severity, frequency, and complexity of ransomware attacks. Data from the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) suggests the total value of suspicious activity reported in ransomware-related incidents during the first six months of 2021 was US$590 million, more than the US$416 million reported for all of 2020. The frequency has also gone up, with 658 ransomware-related suspicious incidents being reported during the first six months of 2021, representing a 30% increase from the total reports filed for 2020.

Costs associated with cyber attacks also are rising. According to the IBM Cost of a Data Breach Report, the average data breach costs rose from US$3.86 million to US$4.24 million in 2021.

All of these factors have led to a substantial increase in cyber insurance pricing across the world. An analysis by Marsh shows US cyber insurance pricing increased 96% year-over-year during the third quarter of 2021, which also represented a 40 percentage point increase from the second quarter of the year.

1 1

Image 1: US insurance market pricing change – overall commercial vs cyber insurance segments

US cyber insurance market provides significant growth opportunities

Direct premiums for US-domiciled insurers stood at US$2.75 billion in 2020 – less than 1% of the overall direct written premium in the US property and casualty (P&C) insurance market – reflecting the runaway growth in cyber insurance. This segment has also grown at a decent pace over the last five years, registering a compound annual growth rate (CAGR) of 13.3% during that period.

Standalone cyber insurance policies are gaining prominence and have seen faster adoption than packaged policies sold as add-ons to other insurance products/policies. This can be attributed to enterprises’ need for broader coverage and a better understanding of policy terms and costs.

While most carriers have mainly serviced corporate clients, they are now starting to focus on the retail segment by providing standalone cyber insurance products that have typically been sold as add-ons to homeowners insurance. For example, Chubb recently launched Blink, a new personal cyber protection offering that covers expenses related to identity theft, fraudulent wire transfer, cyberbullying, and ransomware extortion.

Insurers are also offering joint go-to-market (GTM) products to provide comprehensive cyber risk management solutions to enterprises. In 2021, Allianz and Munich Re partnered with Google Cloud to launch a solution for Google Cloud customers that combines the risk-transfer expertise of Allianz and Munich Re with Google’s security capabilities to provide clients tailored coverage.

Advent of insurtechs in the cyber insurance market segment

The insurtech space has recently witnessed increased activity where most newcomers are catering to specific segments like small to medium enterprises. Insurtechs are leveraging their tech capabilities to make the underwriting process more streamlined and automated while incumbents continue to face legacy issues.

However, insurtechs lack the capital resources of their traditional counterparts and hence are forming alliances with traditional insurers to combine their respective capabilities. Some insurtechs are also offering coverage on behalf of incumbents through the Managing General Agent (MGA) model.

  • Cowbell Cyber, a full-stack insurer providing cyber coverage to SMEs, raised US$100 million this March to expand its go-to-market channels and increase investments in data science, underwriting, risk engineering, and claims management
  • At-Bay, a cyber insurtech MGA, announced a partnership in September 2021 with Microsoft to offer data-driven cyber insurance coverage to Microsoft 365 customers

Challenges for insurers in a hardening cyber market

While cyber insurers have experienced significant top-line growth, profitability remains a major concern as payouts have outstripped premium growth. The increased payouts have led to higher loss ratios. The loss ratio for US cyber insurers increased from a 42% average during 2015-19 to 73% by 2020. Insurers are responding by narrowing the cyber coverage scope and limiting cyber capacity. They also are imposing sublimits for ransomware coverage and adding coinsurance requirements to cyber policies.


Image 2: Insurers narrowing cyber coverage scope and limiting cyber capacity

How can cyber insurers benefit from BPS partnerships?

Partnering with Business Process Services (BPS) providers can help cyber insurers in the following ways:

Providing underwriting talent: As the adoption of cyber insurance grows, it will also lead to higher volumes for carriers. Service providers can provide support by standardizing parts of the underwriting process to enable carriers to handle increased work volumes. This can include deploying straight-through processing by standardizing the intake process and applying rule-based engines for low-premium policies to free up time for underwriters to focus on larger policies. They can also take over non-core pre- and post-underwriting work and help create scalable Centers of Excellence (CoEs) at profitable locations.

 Enabling technology: As carriers tighten their underwriting requirements with an increased focus on analyzing enterprises’ history of ransomware incidents and cyber breaches, they will heavily rely on third-party tools and public data sources to evaluate the insureds’ level of risk. This provides an opportunity for service providers to work with carriers to provide such tools and applications to help them assess risks associated with a particular firm.

Ensuring compliance: Amid the ever-evolving cyber threat landscape, governments and regulators across the globe are introducing new cybersecurity-focused legislation. The US Congress passed a new cybersecurity law in March mandating critical infrastructure entities to report cybersecurity incidents and ransomware payments to the relevant authority within 72 and 24 hours, respectively. Service providers can support carriers on various compliance-related matters. While some providers have compliance-specific expertise in licensing and filings, others have dedicated teams for compliance review and obligations. Third-party BPS providers can leverage these resources and work with carriers to ensure compliance.

Partnerships critical to the cyber insurance market’s future

As carriers seek growth in the cyber insurance market, they will need to strike the right balance to also achieve profitability. At the same time, service providers will have to keep up with the evolving market and appropriately build their cyber capabilities.

By working together, carriers and service providers can address some of the current market challenges and capitalize on the opportunities in the cyber insurance space to achieve sustainable growth.

For more information, please read our comprehensive assessment of the players in the P&C Insurance BPS segment, Property and Casualty (P&C) Insurance BPS – Service Provider Landscape with PEAK Matrix Assessment 2022.

To discuss opportunities in the cyber insurance market, please reach out to Somya Bhadola at [email protected] and Dinesh Singh Udawat at [email protected] or contact us.


How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.