Mon. May 23rd, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment: Informing Business Decisions? Cybersecurity Market Analysis Framework from ENISA

    Information - 92%
    Insight - 90%
    Relevance - 87%
    Objectivity - 91%
    Authority - 93%



    A short percentage-based assessment of the qualitative benefit of the recently published Cybersecurity Market Analysis Framework for the European Union Agency for Cybersecurity (ENISA).

    Editor’s Note: The European Union Agency for Cybersecurity (ENISA) is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. ENISA contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. The recently published ENISA Cybersecurity Market Analysis Framework (ECSMAF) is the cornerstone of ENISA activities in analyzing the EU cybersecurity market as it presents a cybersecurity market analysis framework as a “cookbook” on how EU cybersecurity market analyses can be performed. This framework and supporting documents may be beneficial for cybersecurity, information governance, and legal discovery professionals as they consider and analyze the cybersecurity market.

    Press Announcement and Reports*

    Cybersecurity Market Analysis in Support of Informed Cybersecurity Business Decisions

    The European Union Agency for Cybersecurity (ENISA) introduces a framework to perform cybersecurity market analyses and dives into the market of the Internet of Things (IoT) distribution grids for validation.

    What’s the objective?

    To improve market penetration, value for money, quality and acceptance of products, processes and services, performing cybersecurity market analysis has become an important tool for a variety of stakeholders. Market data is currently considered key to making informed decisions related to cybersecurity choices, on new products to be launched, policy initiatives or research and innovation funding.

    The first report introduces a market analysis framework to be applied across various application areas over time.

    The second report analyses the IoT cybersecurity market demand and supply in the sector of electricity distribution grids across the EU.

    How does the framework work?

    The framework consists of a toolbox designed to facilitate the performance of cybersecurity market analyses. It offers a range of analysis approaches based on innovative market modeling specifically adapted to the cybersecurity market.

    This framework can be applied to various market segments. Structured around six modules, it offers the flexibility to choose the type of the performed analysis among:

    • Market structure & segmentation;
    • Demand-side research;
    • Supply-side research including vendor market map;
    • Technology research;
    • Macro-environmental factors and
    • Economic market characteristics.

    Main points and foreseen next steps:

    – On the framework

    Identifying the right data and the right method to perform data collection is essential if we want to avoid pitfalls such as bias. The processing techniques currently available need to be assessed and selected wisely. Moreover, the confidentiality of market data collected also raises both competition, and technical questions to be addressed. They call for the use of anonymization, implementing security controls, etc.

    The framework introduces a coherent taxonomy of cybersecurity products, processes and services. This cybersecurity taxonomy has been derived from relevant work already performed within the EU. Cooperation with stakeholders that are active in classifying cybersecurity has also been taken into account (e.g. European Commission’s Joint Research Centre).

    Furthermore, Member States already started implementing cybersecurity market surveillance functions. These functions aim to check whether ICT products comply with the requirements of EU cybersecurity certificates. The development of market surveillance in Member States has been identified as a priority for ENISA today and for the years to come. The proposed cybersecurity market analysis framework may be a useful input to these efforts.

    – On IoT in distribution grids

    The analysis on IoT for electricity grids reveals that the architecture of distribution grids is undergoing some major changes. Flexible and dynamically configured bi-directional power flows are gradually replacing traditional, one-way transmission electricity grids. The digital transformation of electricity grids will imply investing in digitalized components. However, this digitalization will in turn lead to more cyber threat exposure by adversaries, such as State or non-State actors.

    The report on IoT serves as a proof of concept of the initial cybersecurity market analysis framework published herewith. Part of the objective of this report was to validate the applicability of the proposed framework. With the support of the Ad Hoc Working Group (AHWG) on the EU Cybersecurity Market established by ENISA in 2021, the Agency will conduct additional cybersecurity market analyses to further develop the framework.

    What’s the legal base?

    The Cybersecurity Act (CSA) foresees the assessment of market developments, inter alia in the context of certification. Because certification is intended to improve the functioning of the internal market, performing the analysis of market trends both on the demand and on the supply sides helps ensuring market-enforcing certification efforts. Within this context, market analysis will therefore contribute to reducing the fragmentation of the EU internal market, an objective provided for by the CSA.

    Target audience

    • EU institutions, bodies and Agencies (EUIBAs);
    • Member States/public authorities (e.g. Cybersecurity Authorities);
    • ENISA stakeholder groups (e.g. ENISA Advisory Group);
    • Further relevant stakeholder groups (e.g. ECCG, SCCG, NLOs)
    • Industry and industry associations (Ecosystem of Certification, EU TIC Council, vendors/manufacturers, ECSO);
    • Research institutions and research-related entities and
    • Consumer organizations/associations.

    Read the original announcement.

    Complete Report: ENISA Cybersecurity Market Analysis Framework (PDF) – Mouseover to Scroll

    WP 2021 O.7.1 - Market Analysis Framework

    Read the original report.

    Complete Report: EU Cybersecurity Market Analysis – IoT in Distribution Grid (PDF) – Mouseover to Scroll

    WP 2021 O.7.1 - Market Analysis - IoT Smart Grid

    Read the original report.

    *Shared with permission.

    Additional Reading

    Source: ComplexDiscovery


    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Challenged by Leaky Forms? A Study of Email and Password Exfiltration

    The report "Leaky Forms: A Study of Email and Password Exfiltration...

    Automating Incident Response? Considering Artificial Intelligence in Cyberspace

    According to the recent research report from the CCDCOE on Automated/Autonomous...

    Russian Cyberattack Activity in Ukraine: A Special Report from Microsoft

    According to an April 27, 2022 report from Microsoft's Digital Security...

    Informing Business Decisions? Cybersecurity Market Analysis Framework from ENISA

    The ENISA Cybersecurity Market Analysis Framework is designed to improve market...

    Smarsh to Acquire TeleMessage

    “As in many other service industries, mobile communication is ubiquitous in...

    A Milestone Quarter? DISCO Announces First Quarter 2022 Financial Results

    According to Kiwi Camara, Co-Founder and CEO of DISCO, “This quarter...

    New from Nuix? Macquarie Australia Conference 2022 Presentation and Trading Update

    From a rebalanced leadership team to three concurrent horizons to drive...

    Strong Growth? KLDiscovery Inc. Announces First Quarter 2022 Financial Results

    According to Christopher Weiler, CEO of KLDiscovery Inc, “The first quarter...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for May 2022

    From eDiscovery pricing and buyers to cyberattacks and incident response, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for April 2022

    From cyber attack statistics and frameworks to eDiscovery investments and providers,...

    Five Great Reads on Cyber, Data, and Legal Discovery for March 2022

    From new privacy frameworks and disinformation to business confidence and the...

    Five Great Reads on Cyber, Data, and Legal Discovery for February 2022

    From biometric recognition and artificial intelligence to data embassies and processing...

    Feeding the Frenzy? Summer 2022 eDiscovery Pricing Survey Results

    Initiated in the winter of 2019 and conducted eight times with...

    Surge or Splurge? Eighteen Observations on eDiscovery Business Confidence in the Spring of 2022

    In the spring of 2022, 63.5% of survey respondents felt that...

    Types and Shadows? Issues Impacting eDiscovery Business Performance: A Spring 2022 Overview

    In the spring of 2022, 36.5% of respondents viewed increasing types...

    The Tide is In? eDiscovery Operational Metrics in the Spring of 2022

    In the spring of 2022, 46 eDiscovery Business Confidence Survey participants...