Christina Richmond

Christina Richmond

Principal Analyst Christina Richmond covers cybersecurity services at ESG, drawing on more than 20 years in the technology industry. Christina has studied routes to market through channels and distribution alliances across the entire infrastructure spectrum and more recently managed a worldwide cybersecurity services research practice. From Delhi to Dublin and across North America, Christina enjoys sharing strategic guidance with companies ranging from startups to established enterprises, spanning vendors, large systems integrators, communication service providers, and consulting firms.

Recent Posts by Christina Richmond:

ESG Brief: The Cybersecurity Awareness Conundrum

Abstract:

It is an obvious move to provide cybersecurity awareness training to employees to ensure their secure use of the company network across multiple cloud and hybrid environments—and it is an arguably altruistic bonus to enhance employee personal life cybersecurity. But does cybersecurity training accomplish what we want it to? Does it effectively stop users from clicking on malicious links in phishing emails or help them recognize a seemingly innocuous email that might offer privileged access to an attacker? Some say yes; some say no. ESG conducted several studies in 2019 that provide insight into respondents’ use of cybersecurity awareness training and their perception of the service.

Topics: Cybersecurity cybersecurity education

ESG Research Report: Cybersecurity services - omnipresent and heavily invested in

Abstract:

ESG conducted an in-depth survey of 220 cybersecurity professionals concerning their organizations’ usage of, experiences with, and future plans for cybersecurity services. Survey participants represented small (50 to 99 employees), midmarket (100 to 999 employees), and enterprise-class (1,000 employees or more) organizations in North America (United States and Canada).

This research report reveals how cybersecurity service providers can answer IT’s call for help with advisory, implementation, incident, outsourcing, testing, and specialty services, and also covers purchasing trends.

Topics: Cybersecurity

ESG Brief: Managed DNS Security Services Finally Step Up

Abstract:

Malware, phishing, and data theft occur through domain name system (DNS) lookups. DNS security (DNSSEC) is well understood for the secure resolution of these lookups. Managed DNS services using the DNS threat vector for visibility and controls are becoming a desired offering. In a recent ESG survey on cybersecurity services, respondents selected DNS security services as one of the top services engaged in the last 12-18 months. Respondents also called out the need for managed security service providers (MSSPs) to provide DNS security in their offerings.

Topics: Cybersecurity

ESG Brief: Sophos Acquires Rook Security to Round Out Managed Detection and Response Offering

Abstract:

Sophos announced that it acquired Rook Security and entered the managed detection and response (MDR) market. Channel consideration was of paramount concern in the go-to-market strategy. Sophos’ entrance into MDR will help address a growing requirement in its customer base. Sophos must execute integration, customer retention, and partner success in lock step to achieve its “cybersecurity evolved” goal of creating “an intelligent, integrated system.”

Topics: Cybersecurity

ESG Brief: Insight Partners Acquires Recorded Future

Abstract:

Insight Partners announced on May 30, 2019 that it will acquire Recorded Future for $780M. In a broad market of threat intelligence competitors, Recorded Future shines brightly because of its “all-source” approach. ESG fully expects Recorded Future to expand geographically and continue broadening integrations and partnerships. It must also protect its existing relationships as it grows to the next level.

Topics: Cybersecurity

ESG Brief: Risk Management Services

Abstract:

Risk management services have existed for a long time but have traditionally focused more on business risk generally than security risk specifically. As corporate directors, boards, and executives see more damage done from cyber-attacks, the risk conversation has escalated. But performing cyber risk assessments is hard given architectural complexities, the migration to cloud, and the ever-advancing adversary.

Topics: Cybersecurity cyber risk management