Gartner Market Guide for Security Threat Intelligence Products and Services

“Security and risk management leaders struggle to know what threats they really need to be concerned about.” Unfortunately, we commonly see organizations acquiring threat intel services or solutions without thinking of the bigger picture. This usually ends up with security and risk management leaders drowning in data and unclear about whether that data is important or relevant.

The Security Threat Intelligence Market

According to the 2021 Gartner® Market Guide for Security Threat Intelligence Products and Services, “the threat intelligence market consists of multiple solutions and services to help organizations understand and prepare for their own unique threat landscape, to bolster prevention and predication capabilities, as well as to help improve other operations efforts like incident response, threat hunting, and vulnerability management.”

The 2021 Gartner Market Guide for Security Threat Intelligence Products and Services provides an overview of the threat intelligence market, current solutions in the marketplace, as well as key findings and recommendations to help security and risk management leaders decipher their own threat landscape.

We’ve taken the time to provide you with an overview of Gartner Market Guide, as well as an opportunity to download the report.

Key Findings From The Gartner Market Guide

In their market guide for security threat intelligence, Gartner defines threat intelligence products and services as solutions that deliver knowledge, information, and data about cybersecurity threats and other cybersecurity-related issues. Their main purpose is to provide or assist in the curation of information about the identities, motivations, characteristics, and methods of threats, commonly referred to as tactics, techniques, and procedures.

Gartner outlines five observations about the security threat intelligence market, they are:

1. “Organizations are drowning in data and information, which is not the same as intelligence, resulting in poor operational use of the data and information to which they have subscribed.
2. Threat intelligence programs are often considered a luxury and not recognized or used during the development of security operation programs or business cyber risks.
3. Threat actors continue to experience large-scale success against targets, due in large part to divided competitors and industries that do not work together or share threat information.
4. Threat intelligence remains a steady topic of end-user inquiry but more advanced use cases like threat modeling remain largely unexplored by many users.
5. Changes to the environment and business, such as remote workforces, have increased the number of attack vectors and require increased coverage for new use cases.”

Threat intelligence and digital risk protection services are an emerging market. Gartner forecasts that “threat intelligence spending is going to grow at a compound annual growth rate of 15.8% to reach $2.6 billion by 2025.” According to the 2021 SANS Cyber Threat Intelligence Survey, organizations are showing enormous interest in threat intelligence capabilities, which is causing a demand for security and threat intelligence products and services. “Government entities, law enforcement agencies and threat intelligence vendors are far and away the most interested in who is behind an attack,” says Gartner.

The Gartner Recommendations For Security & Risk Management Leaders

Gartner provides five recommendations for security and risk management leaders. According to their report, leaders responsible for security operations should:

1. “Define priority intelligence requirements to guide selection of the correct intelligence products and services for curation into real threat intelligence for the organization.
2. Justify budget by articulating the value of threat intelligence and how foundational it is to the success of the security operations program and protection of the business.
3. Join and contribute to threat intelligence sharing programs to crowdsource efforts against threat actors, while assuaging business concerns with privacy or sensitive data exposure.
4. Focus on use cases that have fast returns on investment like telemetry enrichment and vulnerability prioritization, especially for organizations just starting out with a threat intelligence program.
5. Evaluate vendors and providers that can provide capabilities to assess, monitor and mitigate risks outside of traditional IT infrastructure and associated with digital assets, such as cloud, mobile, social media, and third-party technology, if in scope.”

Organizations need to use digital risk protection services to gain visibility over increasing digital footprints to minimize exposure risks.

If your organization is struggling to know what threats they really need to be concerned about, LookingGlass can help. Contact us today to talk about how we can support you.

­About Gartner:

*Gartner, ., Market Guide for Security Threat Intelligence Products and Services, John Collins, Ruggero Contu, Mitchell Schneider, Craig Lawson, Published 10 December 2021.

GARTNER® is a registered trademark and service mark of Gartner®, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner® does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner® research publications consist of the opinions of Gartner®’s research organization and should not be construed as statements of fact. Gartner® disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.