Reinventing industry analysis: An interview with Richard Stiennon

Richard Stiennon (Founder and Chief Research Analyst at IT-Harvest) is a cybersecurity legend. One of the best known security analysts in the world, he has been writing and speaking about cybersecurity since the mid-1990s – and his books include Secure Cloud Transformation: The CIO’s Journey and Security Yearbook 2020: A History and Directory of the IT Security Industry.

We asked him why analysts are important as advocates for the cybersecurity industry, and how IT-Harvest is reinventing the analyst business. Here’s what he told us.

How did your career in security start?

“In 1992 I was running operations for an engineering firm I founded. That was when I first heard about the internet. Within ten months I had launched one of the first ISPs in Michigan. While we sold a couple of Gauntlet firewalls running on Silicon Graphics servers we were not focused on Security. But a couple of years later I joined a newly launched MSSP, Netrex.

“That is how I got into security and I’ve never looked back. Soon I was working for PwC and then Gartner recruited me to be their second analyst covering security. In 2005 I launched my own analyst firm to cover the entire industry.”

What's the core purpose behind IT-Harvest?

“IT-Harvest is reinventing the industry analyst business, starting with cybersecurity. We are a data-driven analyst firm. While traditional advisory services are still an important part of what we do, the foundation is in the data we collect and curate on 3,570 vendors worldwide.”

In a 2020 Forbes article you wrote about how an analyst is an advocate for the industry, giving it a voice. Why are analysts as advocates important in the current cyber landscape?

“An analyst's full time job is to monitor their space. They have to keep track of new developments, trends, changes in the market, and threatscape and government regulations.  While they can point out areas where vendors are making the wrong moves (Intel acquiring McAfee for instance) they typically serve the industry by advocating for its efficacy. In effect, they are spokespeople for the industry.”

Could you share any interesting data points/trends that IT-Harvest has identified recently?

“We recently ingested all the job postings for all 3,570 vendors. In total they have 67,000 openings. That supports our data that 54% of all vendors have grown in headcount in 2023, despite all the dire warnings of a recession.”

Finally, why are events like Black Hat MEA valuable to you?

“Meeting people face to face is critical for an industry analyst. Industry scuttlebut, rumours, and explanations may be shared on a show floor that would not be communicated in a zoom call or email exchange. Insights come from walking the show floor and absorbing the gestalt.”

Thanks to Richard Stiennon at IT-Harvest. Join us at Black Hat MEA 2023 to learn more.