Cyber threat intelligence providers position themselves as SaaS vendors for competitive advantage
The global CTI market is estimated to reach US$981.8 million by 2023, finds Frost & Sullivan
SANTA CLARA, Calif. — As the volume and complexity of attacks increase exponentially, security-conscious organizations bolster cybersecurity spending and look for innovative solutions that enable them to understand and prevent cybercrime. Frost & Sullivan’s recent analysis finds that cyber threat intelligence (CTI) is the cornerstone of mature cyber defense programs and a sought-after product category that allows organizations to adapt their security posture to the rapidly evolving threat landscape.
CTI is a segment of the threat intelligence services market, which also includes threat intelligence platforms and digital risk protection.
The global CTI market is estimated to witness a two-and-a-half-fold growth, reaching US$981.8 million by 2023 from US$392.2 million in 2020, up at a compound annual growth rate (CAGR) of 35.8%. North America will continue dominating the industry through 2023, followed by Europe, the Middle East and Africa (EMEA), and Asia-Pacific (APAC).
“With the growing cost of cybercrime and increasing confrontations between geopolitical rivals in the cyber domain, organizations turn to CTI providers to learn the modus operandi of attackers and increase their chances of anticipating and preventing damages,” said Mikita Hanets, Cybersecurity Research Analyst at Frost & Sullivan in a prepared statement. “Customer demand for consolidated solutions that are more affordable and easier to use is encouraging vendors to address several intelligence needs at once. As a result, most vendors aim to provide insights about relevant cyber activity and take a more active role in operationalizing threat intelligence with either homegrown software or partnerships with other security vendors.”
Hanets added: “The emergence of the software-as-a-service (SaaS) model presents new opportunities for CTI vendors. A growing number of threat intelligence providers are repositioning themselves as SaaS vendors that support a range of intelligence-related use cases.”
Market participants should focus on the following growth opportunities:
- Expansion into the digital risk protection (DRP) market: Convergence between the CTI and DRP segments will help vendors become go-to suppliers of CTI, ranging from indicator of compromise feeds to information about leaked credentials. It will also allow them to penetrate the midmarket with DRP use cases and upsell other intelligence products over time.
- Broaden into the threat intelligence platforms (TIP) market: The addition of use cases going from the aggregation of threat feeds to basic threat hunting functionality will enable CTI vendors to provide a comprehensive SaaS offering that enables customers to access threat intelligence and operationalize it on a single platform.
- Partnerships with security vendors: Security vendors should market a more expensive version of the product (e.g., endpoint security) enhanced by threat intelligence in collaboration with one or several CTI vendors. These partnerships would enable threat intelligence providers to drive revenue growth and increase market share.