2018 global cloud access security broker market leadership ... · frost & sullivan ongoing...

2018 Global Cloud Access Security Broker Market Leadership Award

2018

BEST PRACTICES RESEARCH

© Frost & Sullivan 2018 2 “We Accelerate Growth”

Contents

Background and Company Performance ........................................................................ 3

Industry Challenges .............................................................................................. 3

Market Leadership ................................................................................................ 4

Conclusion........................................................................................................... 8

Significance of Market Leadership ................................................................................. 9

Understanding Market Leadership................................................................................. 9

Key Performance Criteria .................................................................................... 10

Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices ................................................................................................................. 11

The Intersection between 360-Degree Research and Best Practices Awards ..................... 12

Research Methodology ........................................................................................ 12

About Frost & Sullivan .............................................................................................. 12



Background and Company Performance Industry Challenges

Organizations are challenged by the growing usage of cloud services from within their user

populations and security issues which arise from unbounded and unsupervised adoption of

cloud services. Cloud Access Security Brokers (CASB) is a security platform strategically

situated between cloud service users and cloud services. CASB centralizes and orchestrates

security policy establishment and enforcement across multiple cloud services and offers

granular visibility into activity (also across multiple cloud services). CASB extends the reach

of these security policies beyond an organization’s infrastructure.

Most notable security risks with cloud services are shadow IT and shadow data. In shadow

IT, individual users or departments procure and use cloud services without corporate IT’s

engagement. Frequently referred to as unsanctioned cloud services, IT and InfoSec teams

are unaware and therefore cannot inject usage and security controls into these services.

Consequently, shadow IT increases the potential that sensitive data is moved into

unprotected and under-protected environments. Essentially, the controls that are in place in

on-premises hosted sanctioned services do not follow sensitive data when that data moves

to unsanctioned cloud services. Shadow data is similar in risk, but extends to sanctioned

cloud services. In sanctioned cloud services, the IT and InfoSec team have knowledge of the

sanctioned cloud services. However,if those cloud services cannot protect sensitive data in

the manner it should or the tools to protect are not utilized, that sensitive data is at risk -

just as sensitive data in unsanctioned cloud services. Smartly designed CASBs address both

of these risk vectors - shadow IT and shadow data - by enacting controls in usage and data

protection in the newly discovered unsanctioned cloud services, as well as the known

sanctioned cloud services.

Government regulations and cybersecurity laws on data privacy and protection are

executive-level issues. Fines for violations and the impact to their outward-facing brands are

compelling organizations to devote increasing attention and resources to conducting due

diligence in demonstrating compliance and reducing the potential and severity of data

breaches. The General Data Protection Regulation (GDPR) became law in May 2016 and will

be enforced on May 2018 in the European Union. This law carries severe penalties for non-

compliance. When organizations transfer their data to cloud services, Frost & Sullivan points

out that the responsibility for protecting the data still remains their responsibility, not the

cloud service providers. Organizations are relying on CASB to assist in compliance.

Even with the security risks of cloud services, cloud services are quite appealing. They assist

organizations in improving productivity, optimizing their IT spend, and supporting

innovation and creativity. Malware writers are aware of the growing appeal and usage of

cloud services and are using it to their advantage. In particular, they are using cloud

services as a vehicle to propagate malware. Many organizations have not inspected their

cloud services for malware and ransomware hiding in plain sight in stored data. There have

been increased instances of breaches and hacks of sensitive data in the cloud, including in

IaaS and PaaS solutions. Unless organizations can assess and mitigate this risk in their use

of cloud services, Frost & Sulliva notes that malware propagation will become as

mainstream of a security risk as shadow IT and shadow data. Future-focused CASBs have a



means to address this malware propagation risk by assessing this risk in each cloud service

the organization uses and exercising native capabilities within the cloud service or through

the CASB platform to mitigate.

Market Leadership

Frost & Sullivan ongoing analysis confirms that Netskope is the leading vendor in the Global

Cloud Access Security Broker (CASB) market. Since its initial product launch in 2013 the

company has released a steady stream of innovations. Netskope uses its patented

technology for its cloud-scale security platform. The company is known for its DLP

technology. Netskope works with apps across all cloud environments: SaaS, IaaS and PaaS.

It is built for simple integration with third-party tools.

Netskope has focused on Enterprise and Large Enterprise customers. Healthcare, banking

and finance are key vertical markets, but there is a wide spread of other markets (such as

manufacturing and retail). Netskope offers a broad set of capabilities which include DLP

(Data Leak Prevention), advanced threat protection, granular policies, encryption and more.

Netskope sees and decodes all cloud traffic.

In this rapidly growing and dynamic market, Frost & Sullivan monitors how Netskope has

outpaced all other CASB vendors. Netskope has been the market share leading CASB vendor

since 2015 and extending its lead. In 2016 Netskope revenues grew 107% resulting in a

3.2 percentage point gain over 2015 and a 2016 market share of 19.6%. This was the

highest market share gain of any CASB vendor.



Growth Strategy Excellence

Enterprise and Large Enterprise customers account for over 80% of Netskope’s revenues.

These two customer segments also account for over 70% of the global CASB market.

Enterprise and Large Enterprise customers are also the most likely users of CASB, as they

generally have larger and more specialized security staffs than smaller organizations, have

the highest level of investment in security, and with their larger user populations, face

greater diversity in adoption and use of cloud services. For a growing number of Enterprises

and Large Enterprises, CASB is becoming an integral part of their security architectures.

There are more “high value” targets in Enterprise and Large Enterprise segments compared

to smaller market segments. These customers are more likely to be in highly regulated

markets that require advanced and dependable security. This includes government

agencies, healthcare and financial. Compliance is a driving factor in CASB adoption.

Netskope has focused quite heavily on the compliance issue. The company established

services that help customers comply with GDPR. In March 2017 the company received

certification approval from the U.S. Department of Commerce’s International Trade

Administration (ITA) for the EU-U.S. Privacy Shield Framework program.

Since 2013 Netskope has released a steady stream of platform innovations in visibility,

compliance, data security, threat protection, and all-mode architecture. The company has

patents covering granular visibility and control of cloud services, and real-time visibility and

control for sanctioned and unsanctioned apps.

Netskope noted early on the blurring between cloud and web. In particular, social media,

online communities, and forums are looking more like cloud services. Similarly, the

traditional web has moved beyond standard HTML constructs and now comprises advanced

languages in order to speed development and create interactive and personalized

experiences. For Netskope, this is an important opportunity to take already patented

methods of understanding APIs and apply it to the web.

Direct to cloud and direct to web traffic is overtaking corporate network traffic, as more and

more users access corporate data from mobile devices from many places outside of the

workplace. Netskope's architecture has been designed, from the beginning, to address this

trend.

Netskope will continue to make advancements in its cloud security platform to address

newer security challenges precipitated by the rapid adoption of cloud services. The platform

was built from the beginning for simple integration with third-party tools.

Netskope has its own data centers, seven worldwide and even more deployed in 2017.

Netskope Threat Research Labs discovers and analyzes the latest cloud threats affecting

enterprises. Netskope Cloud Confidence Audit™ is a complimentary service for cloud

vendors to have the Netskope research team evaluate their service against the Netskope

Cloud Confidence Index™ (CCI) criteria.



Product Quality

Netskope’s CASB platform is built on four pillars: compliance, visibility, data security and

threat protection. The company’s customers are increasingly using or requesting workflows

be defined in Netskope’s platform that automatically protect users, their organizations, and

data based on these pillars.

Frost & Sullivan recognizes how Netskope provides the most comprehensive depth of

coverage for all use cases as a key architectural advantage over other vendors. The

company supports all CASB functions and features. Netskope received the first set of

comprehensive CASB patents, covering multi-mode traffic steering and the ability to decode

cloud service APIs to enforce cloud security policy at the granular data or activity level. The

company secures all the ways users access cloud services, can apply deep cloud context to

cloud policies, secure Ecosystem apps, and provide advanced cloud DLP and threat

protection. Netskope also offers a multi-mode deployment architecture, and customers are

able to deploy in any conceivable mode (forward proxy, reverse proxy, out-of-band API

connection), or a combination of modes.

Implementation Excellence

Netskope cites five key points as the company’s value proposition which sets it apart from

other CASB vendors.

● Architected for any use case: Netskope supports granular control of cloud services

in all deployment modes, regardless of users’ access location, device, and method:

on-premises or remote, managed or unmanaged device, and irrespective of access

method. Netskope has patented its method to see cloud service traffic.

● Wide breadth of cloud service coverage: Netskope offers the widest breadth of

cloud services that can be secured with granular controls of any CASB vendor. This is

implemented with thousands of cloud services covered through either published

cloud service APIs or through inline decoding of unpublished APIs.

● Deep visibility and granular control: The patented Netskope Context Engine

(NCE) delivers deep visibility into the thousands of cloud services covered by

Netskope, providing the ability to control cloud service usage based on criteria such

as user, group, device, location, app, app instance, activity, and data.

● Advanced cloud DLP: Netskope offers features including exact match,

fingerprinting, custom regex, and other capabilities. Netskope has built a closed-loop

incident management workflow that allows customers to orchestrate the forensics,

notifications, and approvals that surround DLP events.

● Threat protection: Netskope is the first CASB vendor to provide full threat

protection. Machine learning and anomaly detection were introduced in Netskope

Active Platform in 2013. The company combines threat intelligence, static and

dynamic analysis, and machine-learning based anomaly detection to enable real-time

detection, prioritized analysis, and remediation of threats.



Brand Strength

Founded in 2012, Netskope began shipping product in 2013. It has quickly established a

strong reputation in the CASB market as demonstrated by the following accolades:

● On March 8 2018 Netskope announced that in 2017, subscriptions grew by triple

digits, headcount increased by 50% to 475 people, and 25% of the Fortune 100

adopted the market leading Netskope platform.

● On February 28, 2018 Netskope’s Active Platform achieved ISO/IEC 27001:2013 and

ISO/IEC 27018:2014 certifications.

● On February 27, 2018 created position of Chief Strategy Officer (CSO), appointing

Jason Clark. This expands Netskope’s commitment to Enterprise security.

● On February 5, 2018 Netskope was named by online publications CRN to its 100

Coolest Cloud Computing Vendors of 2018 list for the third consecutive year.

● On October 23, 2017 Netskope announced its Information Rights Management (IRM)

Program.

● In March 2016, publication CRN (a brand of The Channel Company), named

Netskope to its inaugural 2016 Security 100 list. In December 2016, CRN named

Netskope Threat Protection the winner in the 2016 Product of the Year Awards in the

Cloud and Application Security category.

● In June 2016, Netskope earned a gold Cloud Productivity competency in the

Microsoft Partner Network.

● In August 2016, Security Products Magazine awarded Netskope Active Cloud DLP the

2016 New Product of the Year Award in the Loss Prevention category.

● In September 2016, Forbes magazine named Netskope to the first-ever Forbes 2016

Cloud 100 list.

● In October 2016, Netskope announced a 97% customer satisfaction rate.

Strategic Partnerships

Netskope has a broad list of technology partners, and many are cloud service providers.

They currently include Microsoft, box, Dropbox, Slack, Google, Google Cloud Platform,

Amazon AWS, salesforce, Workplace by Facebook, IBM QRadar, Ping, Okta, Centrigy,

onelogin, Secureauth, VMware airwatch, Citrix, Titus, Boldonjames, Carbon Black, Juniper

Networks, Exabeam, Cyphort, and FireEye.

Notable partnership announcements include the following:

● In April 2017, Netskope released Netskope for Workplace, providing full visibility and

control for Facebook’s collaboration platform.

● In February 2017, Netskope and Viptela (acquired by Cisco in August 2017)

partnered to provide joint customers to combine Viptela’s unified WAN for on-



premises and cloud applications with the robust security assurances of Netskope’s

CASB solution.

● In January 2017, Netskope announced the release of Netskope for Slack, providing

full visibility and control for Slack Enterprise Grid.

● In June 2016, Netskope announced an integrated offering with VMware that enables

IT departments to maintain appropriate visibility and control over their users’ mobile

devices and cloud app ecosystems.

Conclusion

In the rapidly growing and dynamic CASB market, Frost & Sullivan observes how Netskope

has outpaced all other vendors. The company has been the leading CASB vendor since 2015

and, since then, extended its lead even further. It has achieved this by releasing a steady

stream of innovations aligned with the needs of Enterprises and Large Enterprises.

Netskope uses its patented technology for its cloud-scale security platform. The factors for

Netskope’s success as identified by Frost & Sullivan are its wide breadth of cloud service

coverage, deep visibility and granular control, advanced cloud DLP, threat protection, and

an architecture designed to work with any use case.

Netskope is in a strong position to maintain its leadership position in the CASB market by

continuing to develop advancements in its cloud security platform to address new security

challenges, adapting to the evolving nature of cloud services, and establishing strong

technology integration and channel partnerships.

With its strong overall performance, Netskope has achieved a leadership position in the

CASB market, with a market share of 19.6%. Frost & Sullivan is thus proud to bestow the

2018 Global Market Leadership Award to Netskope.



Significance of Market Leadership Ultimately, growth in any organization depends upon customers purchasing from a

company, and then making the decision to return time and again. Loyal customers

become brand advocates; brand advocates recruit new customers; the company grows;

and then it attains market leadership. To achieve and maintain market leadership, an

organization must strive to be best-in-class in three key areas: understanding demand,

nurturing the brand, and differentiating from the competition.

Understanding Market Leadership

Driving demand, strengthening the brand, and differentiating from the competition all play

a critical role in a company’s path to market leadership. This three-fold focus, however, is

only the beginning of the journey and must be complemented by an equally rigorous focus

on the customer experience. Best-practice organizations, therefore, commit to the

customer at each stage of the buying cycle and continue to nurture the relationship once

the customer has made a purchase. In this way, they build a loyal, ever-growing customer

base and methodically add to their market share over time.



Key Performance Criteria

For the Global Market Leadership Award, Frost & Sullivan analysis independently focused

on specific criteria to determine the areas of performance excellence.

Criterion Requirement

Growth Strategy Excellence

Demonstrated ability to consistently identify,

prioritize, and pursue emerging growth

opportunities

Implementation Excellence

Processes support the efficient and consistent

implementation of tactics designed to support the

strategy

Brand Strength The possession of a brand that is respected,

recognized, and remembered

Product Quality

The product or service receives high marks for

performance, functionality, and reliability at every

stage of the life cycle

Product Differentiation

The product or service has carved out a market

niche, whether based on price, quality, or

uniqueness of offering (or some combination of the

three) that another company cannot easily

duplicate

Technology Leverage

Demonstrated commitment to incorporating

leading-edge technologies into product offerings,

for greater product performance and value

Price/Performance Value Products or services offer the best value for the

price, compared to similar offerings in the market

Customer Purchase Experience

Customers feel they are buying the most optimal

solution that addresses both their unique needs

and their unique constraints

Customer Ownership Experience

Customers are proud to own the company’s product

or service, and have a positive experience

throughout the life of the product or service

Customer Service Experience Customer service is accessible, fast, stress-free,

and of high quality



Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices

Our analyst team strives to follow a 10-step process (illustrated below) to evaluate Award

candidates and assess their fit with our best practice criteria. The reputation and integrity

of our Awards are based on close adherence to this process.

STEP OBJECTIVE KEY ACTIVITIES OUTPUT

1 Monitor, target, and screen

Identify Award recipient candidates from around the globe

Conduct in-depth industry research

Identify emerging sectors

Scan multiple geographies

Pipeline of candidates who potentially meet all best-practice criteria

2 Perform 360-degree research

Perform comprehensive, 360-degree research on all candidates in the pipeline

Interview thought leaders and industry practitioners

Assess candidates’ fit with best-practice criteria

Rank all candidates

Matrix positioning of all candidates’ performance relative to one another

3

Invite thought leadership in best practices

Perform in-depth examination of all candidates

Confirm best-practice criteria Examine eligibility of all

candidates Identify any information gaps

Detailed profiles of all ranked candidates

4

Initiate research director review

Conduct an unbiased evaluation of all candidate profiles

Brainstorm ranking options Invite multiple perspectives

on candidates’ performance Update candidate profiles

Final prioritization of all eligible candidates and companion best-practice positioning paper

5

Assemble panel of industry experts

Present findings to an expert panel of industry thought leaders

Share findings Strengthen cases for

candidate eligibility Prioritize candidates

Refined list of prioritized Award candidates

6

Conduct global industry review

Build consensus on Award candidates’ eligibility

Hold global team meeting to review all candidates

Pressure-test fit with criteria Confirm inclusion of all

eligible candidates

Final list of eligible Award candidates, representing success stories worldwide

7 Perform quality check

Develop official Award consideration materials

Perform final performance benchmarking activities

Write nominations Perform quality review

High-quality, accurate, and creative presentation of nominees’ successes

8

Reconnect with panel of industry experts

Finalize the selection of the best-practice Award recipient

Review analysis with panel Build consensus Select recipient

Decision on which company performs best against all best-practice criteria

9 Communicate recognition

Inform Award recipient of Award recognition

Present Award to the CEO Inspire the organization for

continued success Celebrate the recipient’s

performance

Announcement of Award and plan for how recipient can use the Award to enhance the brand

10 Take strategic action

Upon licensing, company is able to share Award news with stakeholders and customers

Coordinate media outreach Design a marketing plan Assess Award’s role in future

strategic planning

Widespread awareness of recipient’s Award status among investors, media personnel, and employees



The Intersection between 360-Degree Research and Best Practices Awards

Research Methodology

Frost & Sullivan’s 360-degree research

methodology represents the analytical

rigor of our research process. It offers a

360-degree-view of industry challenges,

trends, and issues by integrating all 7 of

Frost & Sullivan's research methodologies.

Too often companies make important

growth decisions based on a narrow

understanding of their environment,

leading to errors of both omission and

commission. Successful growth strategies

are founded on a thorough understanding

of market, technical, economic, financial,

customer, best practices, and demographic

analyses. The integration of these research

disciplines into the 360-degree research

methodology provides an evaluation

platform for benchmarking industry

participants and for identifying those performing at best-in-class levels.

About Frost & Sullivan

Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth

and achieve best-in-class positions in growth, innovation and leadership. The company's

Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined

research and best practice models to drive the generation, evaluation and implementation

of powerful growth strategies. Frost & Sullivan leverages more than 50 years of

experience in partnering with Global 1000 companies, emerging businesses, and the

investment community from 45 offices on six continents. To join our Growth Partnership,

please visit http://www.frost.com.

360-DEGREE RESEARCH: SEEING ORDER IN

THE CHAOS

http://www.frost.com/

2018 global cloud access security broker market leadership ... · frost & sullivan ongoing...

Documents