Cybersecurity services are at an inflection point, where they are no longer "nice to have" but "must have" for security teams. Migration to digital and cloud-driven architectures, continued lack of resources, and rapid growth of breaches escalate the need for an objective service partner. Admittedly, I’m a services wonk, and see all markets through the lens of services, but it’s obvious that complexity and overwhelm abound as a myriad of new security solutions confuse the market annually at conferences. (Speculation about this year’s RSA “theme” is rife on LinkedIn.) Security teams are challenged to manage security effectively, and to negotiate business against risk. The evolution of this market necessitates services that drive assessment and rationalization of existing security programs rather than adoption of new technologies. It also demands preparedness.