ALM Intelligence's report, "The ALM Vanguard: Cybersecurity Consulting" analyzes market trends driving consulting demand; identifying consulting providers as leaders, challengers and contenders reflecting their current capabilities. With the RSA Conference upon us, it is timely to take a deeper dive into what consultants are doing to drive value-based business outcomes for clients in a digitally-disrupted market. Major market trends include:
Cybersecurity and the Digital Revolution
High-profile breaches caused panic amongst the Board/C-suite, pushing cybersecurity to the top of the agenda with an increased willingness to invest. As the threat environment continues to intensify, led by increased digital vulnerabilities with emerging technologies; digital transformation adds millions of endpoints that are potentially uncontainable. Consultants are working with clients to minimize risk; understanding that it is impossible to eliminate risk entirely. There are risk trade-offs to be made and the goal is to identify an organization's key assets and to "buy-down" the risks as much as possible with top-down buy-in from the C-suite to the CISO (the "knitter" across the organization) to all employees.
What started for many clients as a compliance exercise is now entering a new phase—that of protecting the digitally-transformed enterprise. Regulatory compliance still drives demand to an extent and is a starting point for larger conversations. Disparate tools that were purchased to protect organizations will now be consolidated with the latest methodologies, shifting the focus from tools to value-added business outcomes.
Cybersecurity Skill Shortages
A major complication to securing organizations is the shortage of workforce talent. Consulting firms are assisting in upskilling, recruiting, on-the-job-training and other initiatives including university partnerships. Providers are also implementing staff augmentation, interim and virtual staffing (e.g., for the CISO role).
Managed Security Services
Managed security services are increasingly important for clients, driven by the lack of talent and on-site infrastructure. These services refer to a next-generation type of outsourcing—a combination of managed services, cloud and "as-a-service" models that add value. Firms are offering Cybersecurity Intelligence Centers globally, SOCs, Innovation Labs, shared threat intelligence and advanced threat detection that individual clients cannot match. The provider options include higher value-added services, a global delivery model, multiple strategic vendor partnerships and outcome-based pricing with performance metrics either on-premise, co-sourced or off-site; providing the expertise and support clients need.
In sum, market trends propel leading consulting providers to shift their orientation from pure play management consulting to a holistic, business-driven approach focused on outcomes that are supported by a product orientation with tools, analytics, AI, robotics, automation, staff augmentation and managed security services to underpin the advisory work. Digital transformation and the exponential increases in security threats mandates that consultants take a business-driven approach to a technical problem.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.