U.S. Firms Strengthen Cybersecurity as Data Breaches Soar

Enterprises update their arsenals with new tools and services to defend against rising wave of more advanced attacks, ISG Provider Lens™ report says

STAMFORD, Conn.--(BUSINESS WIRE)-- Enterprises in the U.S. are strategically investing in cybersecurity services as data breaches continue to grow in number and sophistication, according to a new research report published today by Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm.

The 2024 ISG Provider Lens™ Cybersecurity — Solutions and Services report for the U.S. finds that data breaches rose significantly between 2022 and 2023, with healthcare and financial services firms targeted most often. The federal government and some states responded with laws and proposals forcing companies to improve their defenses, making the work of enterprise security teams even more complex.

“New threats and powerful attack mechanisms have exposed weaknesses in critical infrastructure at U.S. companies,” said Doug Saylors, partner and co-leader of ISG Cybersecurity. “CISOs of leading enterprises are re-evaluating their strategies, focusing on business resilience.”

While U.S. demand for cybersecurity tools and services grows, many organizations are rationalizing their security technology stacks to reduce cost and optimize resource utilization, the report says. Companies are increasingly deploying AI technologies to aid in analyzing data to prioritize vulnerabilities and protect areas where they predict the worst damage.

Several emerging technologies, including quantum computing and passwordless identity access management, are rapidly gaining potential. Globally, extended detection and response (XDR) and security service edge (SSE) are becoming essential enterprise platforms.

More organizations, especially large enterprises, are implementing zero trust architectures (ZTAs) in place of traditional perimeter-based security to shrink potential attack surfaces and minimize the impacts of breaches, ISG says. This requires skilled personnel and significant investments in access controls, identity management and continuous verification.

Large companies with complex supply chains face growing risk from attacks against third-party vendors linked to their IT systems, the report says. They are beginning to assess these vendors’ security postures and take a stronger role in managing risk across the supply chain.

Many small and medium-sized businesses (SMBs) are focusing on fundamental security measures such as automated patch management and user education, ISG says. For technologies and skills beyond the reach of internal IT departments, small firms are turning to managed security services and cloud-based security offerings.

“SMBs have fewer resources and may present smaller targets to attackers, but many are instituting strong security practices with help from service providers,” said Jan Erik Aase, partner and global leader, ISG Provider Lens Research.

The report also explores other cybersecurity trends in the U.S., including increasing adoption of cybersecurity insurance and AI-powered advanced threat detection and response.

For more insights into major security challenges at U.S. enterprises, including the growing difficulty of regulatory compliance and rising pressure to understand all risks when adopting new technologies, plus ISG’s advice for addressing these issues, see the ISG Provider Lens™ Focal Points briefing here.

The 2024 ISG Provider Lens™ Cybersecurity — Solutions and Services report for the U.S. evaluates the capabilities of 108 providers across ten quadrants: Identity and Access Management, Extended Detection and Response, Security Service Edge, Technical Security Services (Large Accounts), Technical Security Services (Midmarket), Strategic Security Services (Large Accounts), Strategic Security Services (Midmarket), Managed Security Services — SOC (Large Accounts), Managed Security Services — SOC (Midmarket) and Digital Forensics and Incident Response.

The report names IBM as a Leader in six quadrants. It names Accenture, Deloitte and TCS as Leaders in four quadrants each. Capgemini, Cyberproof, Cyderes, Eviden, HCLTech, Infosys, Kudelski Security, Optiv, Proficio, PwC, Rackspace Technology, Trustwave, Unisys and Wipro are named as Leaders in three quadrants each. Broadcom, EY, KPMG, Kroll, Microsoft, Palo Alto Networks, Presidio, Thales and Verizon Business are named as Leaders in two quadrants each. BeyondTrust, Cato Networks, Cisco, Critical Start, CrowdStrike, CyberArk, Forcepoint, Fortinet, Netskope, Okta, One Identity (OneLogin), Ping Identity, SailPoint, Saviynt, SentinelOne, Trend Micro, Versa Networks and Zscaler are named as Leaders in one quadrant each.

In addition, EY and Persistent Systems are named as Rising Stars — companies with a “promising portfolio” and “high future potential” by ISG’s definition — in two quadrants each. Capgemini, Kroll, ManageEngine, Microland, Skyhigh Security and Trellix are named as Rising Stars in one quadrant each.

In the area of customer experience, Zensar Technologies is named the global ISG CX Star Performer for 2024 among cybersecurity providers. Zensar Technologies earned the highest customer satisfaction scores in ISG's Voice of the Customer survey, part of the ISG Star of Excellence™ program, the premier quality recognition for the technology and business services industry.

Customized versions of the report are available from Cyberproof and IBM.

The 2024 ISG Provider Lens™ Cybersecurity — Solutions and Services report for the U.S. is available to subscribers or for one-time purchase on this webpage.

About ISG Provider Lens™ Research

The ISG Provider Lens™ Quadrant research series is the only service provider evaluation of its kind to combine empirical, data-driven research and market analysis with the real-world experience and observations of ISG's global advisory team. Enterprises will find a wealth of detailed data and market analysis to help guide their selection of appropriate sourcing partners, while ISG advisors use the reports to validate their own market knowledge and make recommendations to ISG's enterprise clients. The research currently covers providers offering their services globally, across Europe, as well as in the U.S., Canada, Mexico, Brazil, the U.K., France, Benelux, Germany, Switzerland, the Nordics, Australia and Singapore/Malaysia, with additional markets to be added in the future. For more information about ISG Provider Lens research, please visit this webpage.

About ISG

ISG (Information Services Group) (Nasdaq: III) is a leading global technology research and advisory firm. A trusted business partner to more than 900 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including AI and automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,600 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data. For more information, visit www.isg-one.com.