Security Research Brief: Top Incident Response Service Providers

Which MSSPs and cybersecurity companies and technology businesses lead the worldwide market for incident response services? A 2021 IDC MarketScape report -- focused on incident readiness services -- offers some clues.

Among the incident readiness market parameters to note:

1. CISOs are starting to make the monetary and time investments in a variety of incident readiness capabilities, IDC asserted.

2. Key incident readiness services include:

  • Tabletop exercises
  • Cyber-range
  • Vulnerability management
  • Red/blue teams
  • Incident plan and playbook development
  • Technical runbook development
  • Incident response

Related: See more Security Research Briefs here

Worldwide Incident Readiness Services: 2021 IDC Analysis

IDC analyzed vendors that generated at least $25 million in combined incident readiness and incident response revenue for 2020. The resulting list spans the companies below.

1. Accenture: Good for Large multinational organizations looking for an incident readiness provider with strong industry knowledge in multiple disciplines and a global presence should consider Accenture.

  1. Accenture's Ransomware Readiness service assesses the potential impact of a ransomware attack and identifies opportunities to bolster detection, prevention, response, and recovery. Conducted via interactive discovery workshops and simulation exercises, the service helps identify how an organization restores and recovers from a ransomware attack and provides recommendations to mitigate risks.

2. Booz Allen Hamilton: Organizations with critical infrastructure, governmental bodies, and firms that need broad resilience capabilities should consider Booz Allen Hamilton.

Booz Allen Hamilton's cyber war game, BREACHED!, includes traditional players and the C-suite in the simulation.

3. Cisco Systems (Talos): Organizations that seek to have a strong threat intelligence capability and a flexible incident retainer portfolio of services should consider Cisco.

4. CrowdStrike: Organizations of all sizes looking to partner with an incident readiness provider with a variety of managed and professional service capabilities and a range of technology partners should consider CrowdStrike.

5. Deloitte: Midsize to large global enterprises looking for incident readiness capabilities that can be tailored to their specific needs should consider Deloitte.

6. EY: Large global organizations looking for a firm to elevate an existing incident readiness program to prepare for current or future advanced threats should consider utilizing EY.

7. IBM X-Force: Large firms that prefer to work with a global partner that offers a suite of security testing, training, and incident readiness consulting should consider IBM.

8. KPMG: Firms of all sizes that desire to work with a global incident readiness provider with strong digital forensic capabilities should consider KPMG.

9. Kroll: Organizations of all sizes that value an incident readiness provider with deep forensic capabilities, and strong regulatory and legal capabilities, should consider utilizing Kroll.

10. Mandiant: Organizations looking for a provider with a global footprint, threat intelligence, assessment capabilities, and the ability to strengthen client capabilities through training should consider Mandiant.

11. PwC: Large global organizations that desire to work with a firm that can provide expertise beyond incident readiness, and that has capabilities in areas of increasing importance like OT or IoT, should consider PwC.

12. Secureworks: Organizations of all sizes that prefer a provider that has a range of cybersecurity software along with managed and professional services should consider utilizing Secureworks.

13. Verizon: Organizations of all sizes that wish to partner with a vendor-agnostic incident readiness firm with threat intelligence capabilities should consider utilizing Verizon.

14. Wipro: Organizations looking to partner with a global incident readiness firm that has IT and cybersecurity acumen and broad industry knowledge should consider Wipro.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.