Posted on

Press Release: Cyber Threat Intelligence Space Grows 3% in 1H 2020

IT-Harvest Research: Cyber Threat Intelligence Space Grew 3% in 1H 2020

New “Cyber Threat Intelligence Market Research Report 1H 2020” – Richard Stiennon, and Ron Moritz.

News provided by


Sep 17, 2020, 08:34 ET

Picked up by: Seekingalpha, Morningstar,

BIRMINGHAM, Mich., Sept. 17, 2020 /PRNewswire/ — IT-Harvest, an independent research firm covering the cybersecurity industry, has published a “Cyber Threat Intelligence Market Research Report 1H 2020” – Richard Stiennon and Ron Moritz on the cyber threat intelligence (CTI) sector. The report includes 61 vendors that provide threat intelligence to the enterprise or collect and manage threat intelligence. These include, Recorded Future acquired by Insight Partners in 2019, Anomali, LookingGlass Cyber Solutions, ZeroFOX, and Intsights.

Key findings:

Funded companies had healthy growth despite the headwinds in 1H 2020: Sixgill (+79%), SpyCloud (+59%), DarkOwl (+48%), Recorded Future (+45%).

Fears of an economic slowdown due to COVID-19 led investors and their portfolio companies to restrict hiring at many firms. Overall headcount growth of 3% in 1H is a positive sign.

IT-Harvest predicts that 2H growth will be an additional 10% over 1H, leading to 2020 revenue of $517 million.

The 34-page Market Research Report is available at It provides a guide to the industry and a summary of each vendor’s capabilities. It comes bundled with an Excel spreadsheet of all the data used to track 61 vendors.

About IT-Harvest:

IT-Harvest tracks over 3,000 vendors in the IT-security industry. All of them are printed in a directory in Security Yearbook an annual publication. The CTI Market Research Report uses the data collected for this Directory as a basis for our analysis. Security Yearbook 2020: A History and Directory of the IT Security Industry is available at

To contact the author, Richard Stiennon, email:

Press contact: Leslie Kesselring,, (503) 358-1012

About the authors:

Ron Moritz, Contributing Analyst, is a venture partner in OurCrowd, the most active investor in Israel, and Entrepreneur-in-Residence with CyRise, Australia’s cybersecurity accelerator. His career has spanned roles at Finjan Software, Symantec, Computer Associates, and Microsoft. He also helped create the CISSP (Certified Information Systems Security Professional) certification and was one of the first to earn it.

Richard Stiennon, Chief Research Analyst, is the founder of IT-Harvest and author of Security Yearbook 2020: A History and Directory of the IT Security Industry. He has held executive roles at Webroot Software, Fortinet, and Blancco Technology Group. He was also VP Research for Gartner. Contact

Posted on

My Publishing Journey

As I pushed Curmudgeon: How to Succeed as an Industry Analyst over the publishing line in late July, I was asked to present to members of Detroit Working Writers, the oldest writing group in the US, on my publishing journey. The event was very well received, but it was not recorded, so I recorded a private session below.

If you want to learn about the ins and outs of indie publishing I teach the lessons learned from each of my books.

Surviving Cyberwar. My only traditionally published book.

UP and to the RIGHT. My first indie-published book, still selling after eight years, and seeing a bump thanks to Curmudgeon.

There Will Be Cyberwar. My Masters Dissertation from King’s College London turned into a book.

Secure Cloud Transformation: The CIO’s Journey. By far my most widely distributed book with 35,000 copies world wide.

Security Yearbook 2020: A History and Directory of the IT Security Industry. The culmination of ten years of research. Purchase right here.

Stiennon On Security: Collected Essays. During lock-down I decided to compile ten years’ worth of columns from Forbes. Read Ben Rothke’s review.

And finally, Curmudgeon: How to Succeed as an Industry Analyst. It includes contributions from six veteran industry analysts.

Now my calendar is freed up to begin writing Security Yearbook 2021!

Posted on

More On Writing

Just a follow up to my post on Writing a Book. That post was an excerpt from Curmudgeon: How to Succeed as an Industry Analyst, which was published Tuesday this week. Thanks to the comments and feedback here on Peerlyst I put together a list of books that have helped me in my writing career. I included this list in an Appendix to Curmudgeon.

Speaking primarily about works of fiction, James Branch Cabell said the goal for an author is to write perfectly about beautiful happenings. That is a lofty goal for any writer, and perhaps over the top for nonfiction. Yet, why not strive to write perfectly? We may fail but are bound to have created something that is more enjoyable to read and conveys the knowledge we wish to impart.
Here are the books on writing that I have found the most useful and inspiring.

The Sense of Style: The Thinking Person’s Guide to Writing in the 21st Century, by Steven Pinker, is my favorite book on style and writing.

On Writing Well: The Classic Guide to Writing Nonfiction, by William Zinsser, is a must-read. I have found it guided me in developing a voice for my research reports, blogs, and books. It was first published in 1976 and has been updated many times since.

Good Prose: The Art of Nonfiction, by Tracy Kidder and Richard Todd. You may remember Kidder for The Soul of a New Machine, one of the first narrative nonfiction books on the tech industry.

Writing Down the Bones: Freeing the Writer Within, by Natalie Goldberg, is a series of philosophical essays on writing that may provide some motivation.

Bird by Bird: Some Instructions on Writing and Life, by Anne Lamott, is another collection of essays to help you tackle and complete a project.

Creative Nonfiction: Researching and Crafting Stories of Real Life, by Philip Gerard, has chapters on conducting interviews, choosing a topic, and research which are a big help.

Steering the Craft: A Twenty-First-Century Guide to Sailing the Sea of Story, by science fiction author Ursula K. Le Guin, is beautifully written prose about writing beautifully.

If you find yourself fascinated by the writing life, as I am, you will enjoy Zinsser’s memoir, Writing Places: The Life Journey of a Writer and Teacher.
C.S. Forester, one of my favorite fiction authors, also wrote a memoir: Long Before Forty. What is notable about Forester is that his writing appears effortless. The reader can be completely absorbed in the story without being distracted by the writing at all.
In the same vein as Forester, Nevil Shute’s memoir, Slide Rule, describes how he transitioned from pioneering aeronautical engineer to bestselling author of such works as A Town Like Alice and On The Beach.
I encourage you to read these works and also look up your favorite authors on YouTube. Many of them have lectured on their writing practices. Malcolm Gladwell teaches a master class at which is revealing and practical.
Oh, and one more. Jon Winokur’s The Portable Curmudgeon, a collection of over a thousand quips and quotes from notable curmudgeons, from Groucho Marks to Dorothy Parker.

This post first appeared on Peerlyst, which is sadly going offline August 27, unless a white knight rides in.

Posted on

Beauceron Security

David Shipley, founder and CEO of Beauceron Security, was responsible for security awareness training at a Canadian university. After looking at existing solutions he decided that something better was needed. (Before you ask, a Beauceron is a sheepdog from Beauce, France.)

Beauceron Security has developed security awareness training tools that include an element of gamification. Each end user is given a score based on factors that include testing their knowledge, reporting phishing emails, and taking corrective action if they miss something.

Driving positive behavior change is always a challenge in cybersecurity. Beuceron drives change by providing the right information at the right time for employees to care about their role in cybersecurity. Keep in mind that cybersecurity awareness is different for employees and executives so having different approaches for different levels of target value is important.

Their set of cloud based tools is also highly customizable so that new phishing methods or things that are unique to a customer organization can easily be built in to the training progam.

Watch my interview with David here.

Posted on

BitDam. Security for Collaboration

There is no question that collaboration tools, particularity email, are the major vector for attacks. Especially in this time of lock-down and work from home, when we all rely on email, Teams, and other collaboration environments, attackers are taking advantage of our constant use of these tools.

BitDam addresses the security problems with these vectors with an inspection engine that is blindingly fast. Because it is cloud-native, an enterprise or even a small business can set up BitDam protection in minutes.

I had an opportunity to interview BitDam’s founder and CEO, Liron Barak. Listen to the origin story of BitDam and how they are demonstrating higher catch rates than their competitors.

To back up their claims of better catch rates, Liron describes how they use harvested malware and send it to instrumented mailboxes, allowing users to see which malware their existing protections missed. Well worth investigating the constantly updated dashboard here.

Posted on

IoT is Driving a New Era of Network Discovery

Network discovery has always been a utility required for any defensive assessment. First discover your assets. Only then can you implement a patching strategy to reduce your attack surface. Only then can you figure out what to defend and how.

But the surge of new devices attached the network—be it the conference phones, security cameras, and building controls in an office, or the machines on a plant floor or in an electrical utility’s grid—has exacerbated the problem with discovery. Many devices are uncatalogued in discovery tools meant to differentiate between servers, desktops, and wifi devices.

HD Moore, founder of Critical Research Corporation, and known as the father of the Metasploit Framework, took a moment to describe his new project. With Rumble Network Discovery he is creating a tool that will solve the asset discovery problem. His team is systematically cataloging all devices. Each new user of Rumble may introduce them to new devices, but over time their ever growing database of device signatures creates a clearer and cleaner mapping of an organization’s assets.

Active scanning and fingerprinting are the core of Rumble. HD describes how this overcomes issues with legacy tools that may miss things thanks to micro segmentation, which cloaks whole segments from a passive network tap, and device hardening, which is designed to foil scanning.

Only with as complete a picture as possible of the devices on your network, including your cloud deployments, will you be able to grasp the task at hand: protecting everything.

Listen to the inaugural re-launch of the IT-Harvest Interview series with HD Moore.


Interview from Richard Stiennon on Vimeo.

Posted on

Re-Launching The Video Interview Series

Some form of this post is going to make it into a book I am writing titled Curmudgeon: How to Succeed as an Industry Analyst. I had a good start on the book before talking with Gene Kim shortly after he sold Tripwire to Belkin in December 2014.

Gene encouraged me to to put Curmudgeon aside and instead write UP and to the RIGHT: Strategy and Tactics of Analyst Influence. That was a great call, thanks Gene. UP and to the RIGHT was my most highly praised book ever and it led to consulting engagements with large vendors that wanted more control over their Magic Quadrant strategies.

I feel a bit self conscience writing about the business of being an independent industry analyst. But you are supposed to “write what you know,” so here goes.

The first challenge is defining “success.” I have been striving about 20 years to be that industry analyst that writes from the porch of his log cabin overlooking a mountain valley, and travels to conferences around the world to deliver keynotes. I am not there yet, but I am doing what I love, so there is that.

Any independent writer/consultant/speaker faces the challenges of surviving during hard times. Looking back, the luckiest thing that ever happened to me was getting hired by Gartner right at the beginning of the tech crash in 2000. My resume lists only two jobs I have ever held more that 15 months: the four years I spent at Gartner and the 16 years I have been an independent analyst. The tech depression of 2000 lasted just about four years.

In the Fall of 2008 I found myself re-launching IT-Harvest. My friend Leo Cole at Websense asked me to speak at two CISO dinners in New York City. We made reservations at two of the best restaurants in the city and had confirmations from 25 CISOs and Directors from large banks for each dinner. Gene Hodges would preside and I would offer my views on the IT security industry. The first dinners were at the Tao Restaurant on Wednesday, September 16, and the next night at the 21 Club. If you have seen The Big Short, you may recall the scenes in NYC that week as Lehman Brothers closed its doors on Monday. The Global Financial Crisis had started just as I was getting IT-Harvest off the ground. As you can imagine, the dinners were not well attended.

2009 was my most difficult year. Spending by vendors was curtailed immediately as they conserved cash. Marketing dollars are the first to be clawed back during a financial downturn.

Now we face a combined crisis of global pandemic and the resultant forcasted economic downturn. Surviving the pandemic is the first concern of everyone. Vendors, like all businesses, have closed their offices and required employees to work from home. RSA Conference 2020 was the last major security event to be held before most of the country went on lock-down. IBM, Verizon, and ATT, pulled out in the week before, and the City of San Francisco declared an emergency during the conference. Tens of thousands of attendees went home and into isolation.

Sequoia issued a warning memo to their portfolio companies on March 5, evoking a feeling of “here we go again,” in those that recall Sequoia’s famous memo of 2008 titled: “R.I.P. Good Times.” 

I was busy at RSAC launching Security Yearbook 2020 and getting ready for speaking gigs the rest of the “season” (the industry analyst business typically dries up in the summer months when events are hard to organize.) By March 4, every single event for the foreseeable future had been canceled or postponed to the Fall.

I could not be happier with the broad acclaim Security Yearbook 2020 has received. The launch was by far my most successful. But you should know that, unless you are Malcolm Gladwell or Michael Lewis, books do not make very much for non-fiction authors. It is speaking engagements and consulting gigs that come from book publishing that can keep you afloat.

Since speaking and consulting gigs are likely to be gone for months, what can I do? Well, one thing I can do is take advantage of the lull to write more! You may have noticed my increased frequency of posting here, and on Peerlyst, The Analyst Syndicate, and Forbes.

Posting to Forbes is a great outlet. My columns get tremendous visibility: 81,000 views of The Demise of Symantec, so far. I began exploring my past posts to Forbes. They go all the way back to 2010, when Andy Greenberg invited me to contribute my blog posts.

That gave me the idea to pull together a collection of my writing and turn it into a book. That is my project this week and next. I am going to publish Stiennon On Security: Collected Essays in record time. At the very least, readers will not have to slog through the clutter of ads and popups that Forbes forces on them.

As I did a first pass edit of 120 columns I noticed that many of them were inspired by video interviews that I did with founders and executives. With my current interest in the history of our industry (see Security Yearbook 2020) I began to think of those 150 interviews as a historical record. I have interviews with Udi Mokady, CEO of CyberArk, Amit Yoran, then CEO of Netwitness, Bill Conner, then CEO of Entrust, and Ruvi Kitov and Ruven Harrison, founders of Tufin. You can still see them all at

That led to the idea: why not re-launch the video interviews? The last time I did them was 2016. We reserved the biggest hotel suite in San Francisco and brought in a four person camera crew to conduct 30 interviews in three days. I have been credited with starting a trend because we were the first at RSAC to do this. Now every security media company offers these. But the actual credit belongs to Phil Alape at Demos-on-Demand. (Phil is an experienced veteran of video production. Demos-on-Demand has created a great sales lead tool.) Wouldn’t interviews over Zoom serve the same purpose? In addition to executives of established firms I can interview the founders of a new generation of cybersecurity startups. That will give me plenty of material to write about.

Will this make it into Curmudgeon? That depends on the success of the new video series!

Posted on

Production complete of Security Yearbook 2020

You could argue that IT-Harvest has been in the book publishing business since 2012 when it published UP and to the RIGHT: Strategy and Tactics of Analyst Influence. But that, and our other books, were published via Create Space (now transitioned to Kindle Direct Publishing). It’s a different matter entirely to contract with a printer to produce books in volume. But the cost is dramatically lower. About one third the cost of Print on Demand.

For Security Yearbook 2020 we had visibility into potential sales. Secure Cloud Transformation has already sold 30,000+ copies. So, why not cut out the Print on Demand middleman and sell direct?

The process is similar: write a good book, format the interior, create a great cover, and submit files. But this time the files went to a printer, Sheridan Books, in Chelsea, Michigan. You may be surprised to learn that the Ann Arbor, Michigan, area is the epicenter of book printers in North America.

But, instead of a digital press, the files are converted to sets of pages that are etched onto aluminum plates on a giant laser printer pictures below. The flexible plates are wrapped around cylinders that print the pages at high speed. This is called off-set printing. The paper is sliced and cut and assembled into signatures that are sewn down the middle. Those are collated and bound together and then the hard covers are added.

No alt text provided for this image

Finally, the books were packed in boxes and shipped to Fulex, the fulfillment warehouse in Warren, Michigan.

No alt text provided for this image

Now for the next steps. Create an online shop to sell the books directly. That is hosted here at

Security Yearbook 2020 is already available for pre-order on Amazon.

No alt text provided for this image

If you are coming to the RSA Conference in San Francisco at the end of the month you can find copies all over. Check out Where to Find Stiennon at RSAC 2020.