Cybersecurity & Networking

  • Amid the proliferation of sophisticated cyber attacks, network security remains an overarching component of an organization’s overall security strategy to detect and respond to threats. Network detection and response (NDR) tools have proven to support a diverse set of use cases, including improving response capabilities, accelerating incident response processes, detecting advanced attacks, and monitoring cloud environments. Security teams recognize that artificial intelligence and machine learning (AI/ML) embedded in NDR tools are critical in providing more accurate and faster threat detection, as well as greater operational efficiency.

  • Encrypted threats continue to pose a problem for many businesses. Nearly every organization decrypts and inspects some of its traffic, yet most companies refrain from decrypting all their traffic and therefore lack the visibility necessary to prevent encrypted attacks. Many enterprises use various tools and techniques in the hopes of increasing visibility with and without decryption. Network detection and response tools that detect encrypted threats without decrypting, help close visibility gaps, and prevent attackers from exploiting encrypted traffic are gaining wider attention.

  • Research Objectives

    • Assess whether this threat vector is a significant concern for IT and security leaders.
    • Determine where this expanding threat vector fits into modern security strategies and practice.
    • Understand where and how organizations are currently securing this threat vector.
    • Identify key challenges, objectives, and opportunities to mitigate risk.

  • Public cloud use has been pervasive for years, and digital transformation initiatives and remote work have further accelerated the migration of data assets to cloud stores.

    The Cloud Data Security Imperative, an April 2023 research report from TechTarget’s Enterprise Strategy Group, validates that conventional wisdom: More than a quarter of respondents (26%) currently store at least 40% of their corporate data in the public cloud, and this will double over the next two years: 58% of respondents expect to store at least 40% of their data in the public cloud 24 months from now.

    Read my blog to get more of my insights into this research.

  • Cybersecurity

    It’s more important than ever to accurately assess underappreciated risk and threat vectors and to identify effective and efficient ways to address them. 

    Our latest research shows the average number of planned investments in Cybersecurity technology tops all other tech categories we studied.

    We work closely with vendors and end users alike to stay up to date on how organizations are investing, what problems they’re trying to solve, and how the market is changing or adapting to the latest trends. Enterprise Strategy Group’s Cybersecurity analysts and research cover every aspect of an organization’s cybersecurity needs and lifecycle, including:

    • Application security
    • Cloud security
    • Cyber risk management
    • Data security
    • Identity & access management
    • Network security
    • Security operations
    • Threat detection & response
    • User protection

    Research Brief

    Small Enterprise Cybersecurity Report Card: A Surprising Result

    As pivotal, operations-supporting technologies, securing cloud infrastructure and applications as well as the data stored in or traveling between them is a major priority for cybersecurity teams today. Recent research by Enterprise Strategy Group, now part of Omdia, revealed that despite their size, smaller enterprises often have mature cybersecurity programs, leveraging many of the same […]

    Analysts Covering Cybersecurity

    John Grady

    Principal Analyst, Network Security & Web Application Security

    Areas of Expertise

    • Bot Mitigation
    • CASB
    • DDoS
    • Firewall
    • IPS
    • Microsegmentation

    Dave Gruber

    Principal Analyst, Ransomware, SecOps & Services

    Areas of Expertise

    • All Things Security Operations
    • Leveraging AI in SecOps
    • Managed Detection & Response
    • MidMarket Cybersecurity Strategies
    • Ransomware Security Strategies
    • Security Analytics

    Gabe Knuth

    Principal Analyst, End-user Computing & User Protection

    Areas of Expertise

    • Desktop & App Virtualization (VDI)
    • Desktop-as-a-Service (DaaS)
    • Digital Employee Experience (DEX)
    • Digital Workspaces
    • Email Security
    • End-User Devices & Hardware

    Melinda Marks

    Practice Director, Cybersecurity

    Areas of Expertise

    • API Security
    • Application Security
    • Cloud Security Posture Management
    • Cloud Workload Protection Platforms
    • Cloud-native Technologies
    • Container Security

    Tyler Shields

    Principal Analyst, Risk & Vulnerability Management

    Areas of Expertise

    • API Security
    • Application Security Posture Management
    • Attack Surface Risk Management
    • GRC/Compliance
    • Offensive Security Technologies
    • Pen Testing Services

    Aaron Tan

    Regional Director, Analyst Services, APAC

    Areas of Expertise

    • Application Modernization & DevOps
    • Business Applications
    • Cloud Computing
    • Cybersecurity
    • DevOps
    • IaaS/Cloud

    Todd Thiemann

    Principal Analyst, IAM & Data Security

    Areas of Expertise

    • Agentic AI
    • Data Loss Prevention
    • Data Security Posture Management
    • Encryption & Key Management
    • Identity & Access Management (IAM)
    • Identity and Data Security for AI

  • Facing pressure to do more work with fewer resources and a continuing cybersecurity skills shortage, organizations are looking to consolidate resources to drive more efficiencies in securing cloud-resident data while reducing overall risk. To secure data across hybrid environments, organizations are consolidating the efforts of on-premises and cloud data security teams. Multiple stakeholders, led by cloud security architects, create consistent security policies and determine security control requirements. Organizations also want an integrated platform that combines multiple security tools and controls and provides a global view of all organizational data. In the long run, controls tailored to secure data based on where it resides (on premises, SaaS, or IaaS/PaaS) will be used to account for the different techniques used across different environments.

  • Challenges in Securing Cloud-resident Data

    The complexity of cloud environments and the speed and scale of operations in the cloud drive the multitude of challenges organizations face in securing their cloud-resident sensitive data. The most difficult challenges include discovery and classification of data as well as ensuring compliance with regulations. Despite confidence in their data security tools, organizations continue to lose data due to misconfiguration, misclassification, and unknown (shadow) data. Implementing a defense-in-depth strategy that combines third-party and CSP-native tools and controls can overcome these challenges in securing cloud-resident sensitive data.

  • The use of public cloud services (SaaS and IaaS/PaaS) has been increasing over the past several years. Subsequently, organizations have migrated more data assets to cloud stores. As organizations find that the amount of cloud-resident sensitive data is increasing, the challenge to sufficiently secure this data, especially when distributed across multiple clouds, becomes greater. In light of the disparate and native controls and policies provided by individual cloud service providers (CSPs), organizations need to craft a comprehensive, defense-in-depth strategy to adequately address the data security challenge.

  • While a substantial percentage of organizations are aware of the loss of cloud-resident sensitive data, some organizations suspect they have lost data but do not definitively know. This lack of awareness indicates that organizations lack the tools or experience to confidently identify every data loss incident. As a result, organizations fail to learn from, respond to, and address the multiple causes of data loss, resulting in more incidents and greater monetary, regulatory, reputational, and existential risk.

  • While the need to secure public cloud-resident data is critical, organizations’ confidence in the tools and controls provided by cloud service providers (CSPs) is lukewarm. To alleviate these concerns, organizations are using a combination of CSP-native and third-party controls to secure cloud-resident sensitive data. This defense-in-depth strategy provides a multi-layered approach to address multiple dimensions of data security.

  • The Rise of the Cloud Security Architect

    The role of the cloud security architect (CSA) has emerged to lead the charge in securing cloud-resident sensitive data. Yet, data security remains a responsibility shared by multiple groups including IT operations, security, and DevOps. The establishment of CSAs shows that securing cloud-resident data is of strategic importance, especially to cybersecurity, as the role now reports to the C-level, most often the CISO.

  • The Rise of Digital Risk Protection

    Organizations are increasing investments in cyber-threat intelligence programs to get ahead of threat actors and cyber-attacks. Beyond traditional threat intelligence, firms are adopting digital risk protection (DRP) programs and/or services to safeguard the growing volume of digital assets. DRP encompasses a mix of traditional and emerging areas like mobile application protection, brand protection, executive protection, and deep/dark web monitoring.
