ISG Provider Lens™ Study – Cyber Security Solutions & Services 2019 (Overview)


Region: USA and Germany

Facebook’s data leakage affair attracted the public’s attraction to data security again. This is a very striking example for an unwanted use of data, but not comparable to the permanent criminal threats data and IT infrastructure are exposed to. Additionally, there are threats causing from carelessness in the companies. Beside the demand for self-protection, laws (e.g. in Europe: General Data Protection Regulation) more and more force companies to protect themselves from cyberattacks.

Within the scope of digitalization and the (industrial) internet of things, business processes more and more shift into the IT. In order to protect the company itself, it becomes increasingly important to protect its IT- and communication systems. Finally, IT security turns into company security.

So, ICT security is a topic which must not be ignored. However, IT executives often struggle to justify security investments to the business management, particularly the CFO, to whom many of them report directly. Unlike other IT projects, it is not always possible to prove the ROI of such security investments. It is not easy to quantify threat-related risks, and therefore, security measures are often rather low-level and not sufficient to address novel kinds of threats. On the other hand, it is not (always) the lack of suitable technology that leads to security vulnerabilities; many attacks such as Trojan and phishing attacks, are caused by users’ thoughtless behavior. Therefore, consulting and user trainings continue to play a key role, together with up-to-date ICT equipment.

The new benchmark “ISG Provider Lens – 2019 Cyber Security Solutions & Services” addresses both areas to support ICT decision-makers to help them make the best use of their (tight) security budgets.

In this independent study, following the format of our Internationally Successful Provider Lens series, ISG sets out to deliver a comprehensive but defensible research program, with clear and extensive evaluation criteria, covering all major Cyber Security Services & Solutions providers of relevance within USA and Germany.


The research phase is between April and July 2018 during which survey, evaluation, analysis and validation will take place. Selected results will be presented to the media in September 2018.

We will roll out the survey on an online platform called Qualtrics. The invites will be sent with links to fill in the responses and submit.

Milestones Beginning End
Project Kick-off March, 2018
Survey April 12, 2018 May 17, 2018
Sneak previews August 13, 2018
Content provisioning September 20, 2018 
Press release September 27, 2018