Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Chris Ray
- About GigaOm
- Copyright
1. Summary
Cybersecurity incidents are a daily occurrence, and their frequency is only increasing. According to research conducted by the Cybersecurity and Infrastructure Security Agency (CISA), over 500,000 cyberattacks per day occurred in 2022, a count that has been steadily growing since 2016. The total number of attacks has risen to 6.4 billion, a truly staggering statistic.
Threat actors are deploying complex attacks and dynamic techniques to steal, compromise, and manipulate sensitive data from enterprises. Organizations are struggling to identify and mitigate cybersecurity threats, as exhibited by the fact that even businesses that adopt robust information security measures have been attacked.
It can feel as though everyone is a target, regardless of maturity and incumbent skills. This past spring, a large technology vendor trusted by the US government and many Fortune 500 companies was compromised. The vendor’s acknowledgment and response took months to be made public, a delay that was largely caused by the need to partner with a third party to perform an investigation after an internal investigation failed.
Unfortunately, many businesses do not have a cybersecurity incident response plan (cSIRP) in place to guide them during security events—and even if they do, it may not be sufficient. While the vendor referenced above had a cSIRP in place, it did not have staff with the skill required to execute the plan.
This is where professional cybersecurity incident response (cSIR) services come in. Organizations can preemptively partner with service providers or engage with them after a security incident. These service providers can be effectively bolted on to organizations, stepping in to lend a helping hand and perform tasks like forensic analysis of malware, incident scope identification, threat mitigation, strategic communications to the public and interested parties, and (the compulsory) data breach notification.
This GigaOm Radar report highlights key cSIR vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating cSIR Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.