Digital Risk Protection In 2018: New Vendors, New Leaders, New Wave
Our “The Forrester New Wave™: Digital Risk Protection, Q3 2018” report is out! Take a look at how 14 DRP vendors stack up in this emerging market. You will find detailed vendor profiles and analysis evaluating how well they monitor and mitigate organizations’ external, digital risk environments.
Vendors evaluated (alphabetically): Axur, Blueliv, CTM360, CyberInt, Cyxtera, Digital Shadows, IntSights, LookingGlass Cyber Solutions, Proofpoint, Recorded Future, RiskIQ, Social SafeGuard, Sweepatic, and ZeroFOX
The DRP Market Is Hot
In our “New Tech: Digital Risk Protection, Q2 2018” report released this past quarter, we found that VC funding from 2015 to 2017 eclipsed $400 million for DRP vendors (see below figure). And investor action has continued in 2018, with over $50 million committed to included vendors in the first six months, including Blueliv (Series A), CyberInt (Series B), IntSights (Series C), and Social SafeGuard (Series B).
Choosing A Digital Risk Protection Solution
Most buyers (77%) are purchasing DRP tools as net-new solutions for their organizations (as opposed to replacing an existing capability). They’re adding DRP to their existing security technology stacks to better tackle digital risk activities — namely, to improve their external digital risk visibility and to streamline the ensuing remediation.
In our New Wave, we found that certain DRP capabilities are more differentiated than others.
For security and risk pros launching a new vendor selection campaign, set your priorities with the following capability areas in mind:
- Footprint mapping and visualization. Capabilities to identify, link, and maintain an accurate profile of your externally accessible digital domains, assets, apps, and accounts, as well as their relevant attributes and metadata.
- Digital risk reconnaissance. Capabilities to collect, scan, and analyze data from a wide variety of deep and dark digital channels. Depending on where you need visibility, you might elevate certain domains over others, such as social media intelligence or dark web recon.
- Takedowns and remediation. Consistently a top need for DRP users is support for the necessary response and remediation of digital risk events — either automated or facilitated via analysts as a managed service. For well-orchestrated automation, breadth of security technology integrations and partnerships is critical.
- Use-case support for brand security, VIP protection, and PII discovery. Customers cite at least one of these three objectives as a core way they use their DRP solution: Protect our brand, our people, and our data (online).