target audience: TECH BUYER Publication date: Sep 2022 - Document type: IDC MarketScape - Doc Document number: # US48761022
IDC MarketScape: Worldwide Managed Cloud Security Services in the Multicloud Era 2022 Vendor Assessment
This IDC study represents a vendor assessment of providers offering managed cloud security services for multicloud environments through the IDC MarketScape model. The assessment reviews both quantitative and qualitative characteristics that define current market demands and expected buyer needs for managed cloud security services. The evaluation is based on a comprehensive and rigorous framework that assesses how each vendor stacks up, and the framework highlights the key factors that are expected to be the most significant for achieving success in the managed cloud security services market over the short term and the long term.
IDC defines the following core capabilities of managed cloud security services:
- Multicloud network management, which enables IT teams to manage network security across cloud environments, including monitoring of network resource alerts and resolution tracking
- Cross-cloud operation management, which monitors cloud resource configurations and routine reporting of the current state of risk levels
- Data security and privacy management, which allows secure data sharing across cloud providers and regions (It may include data classification, data recovery, key management, and encryption management.)
- Identity access management, which may be delivered as a standalone service or through solutions such as SASE
- Secure software development, which may include cloud code review, DevSecOps, and software supply chain management
- Threat intelligence, which comprises multiple internal and external sources, a threat intelligence team, a threat library, AI/ML analytics and, ideally, integration with industry-leading frameworks such as MITRE ATT&CK
- Compliance and risk management, which encompasses processes, templates, and regulation-specific reports
- Detection and response for multicloud/hybrid cloud environments, with services typically including MDR and MXDR powered by AI/ML
"The managed cloud security services market is highly dynamic and fast evolving. Cloud is often perceived or used as a change agent for companies to take an enterprisewide transformation journey. Similar thinking applies to security. Cloud requires new ways to handle challenges in terms of visibility and security policy governance. At the same time, cloud enables various facets of security to be faster and more transparent," says Cathy Huang, research director, Worldwide Security Services at IDC. "It is interesting to see that many managed cloud security services providers have developed code-defined assets or policies to enable an automated security function and drive high level of accuracy and efficacy through the use of AI/ML, automation, and orchestration."