Description

Enterprise digitalization efforts have altered the modern threat landscape. IT is more complex, and third-party integration is more essential, complicating security and increasing attack surfaces. Traditional perimeter-based security measures no longer protect a cloud-extended workspace: threat actors now target digital assets beyond an organization’s network. Virtual interactions and expanding partner networks have elevated the risk of phishing attacks and third-party breaches. Threat actors are using artificial intelligence and employing sophisticated forms of attack such as smishing and phishing-as-a-service. In response, businesses must adopt robust data protection measures to avoid the severe consequences of a breach, including brand erosion, disruptions, customer loss, and revenue decline. External risk mitigation and management (ERMM) solutions offer a comprehensive and proactive security approach.

ERMM comprises cybersecurity practices that map external attack surfaces, continually monitor the threat landscape, mitigate risks, and enhance organizational security strategy. ERMM integrates formerly distinct capabilities, including external attack surface management (EASM), cyber threat intelligence (CTI), and digital risk protection (DRP), into a unified experience. The ERMM market, though nascent, is experiencing double-digit growth as vendors consolidate the functions.

The most common ERMM use cases by category are:
• DRP—phishing protection, brand protection, data leakage detection, and takedown/remediation services
• EASM—risk assessments (scorecards, threat prioritization), asset discovery, and third-party/supply chain risk assessment
• CTI—dark web monitoring, threat visualization, and threat reports

More vendors are entering the space: venture capitalists are funding ERMM start-ups; pure-play CTI, DRP, and EASM providers are shifting to platform offerings; and new, larger competitors are entering the market, either by building or buying ERMM technologies. This has caused some confusion and risks commoditizing the ERMM space, making it harder to distinguish between ERMM service capabilities. For example, some vendors offer unlimited takedowns (e.g., removing a look-alike domain) while others charge per takedown. Some vendors may leverage extensive dark web intelligence but at the expense of threat visibility into social media. Some vendors offer a wealth of information from a wide range of sources but lack critical context and historical data, resulting in many false positives and alert fatigue.

Regardless, the ERMM market is poised to grow, with North America and the region encompassing Europe, the Middle East, and Africa representing the largest ERMM markets by revenue size, thanks to the concentration of large enterprises with elevated security maturity and cybersecurity budgets in these regions. Though smaller in size, Asia-Pacific and Latin America will also experience steady growth, with enterprise security investment reflecting an overall trend toward security maturity.

Frost & Sullivan analyzes numerous companies in an industry. Those selected for further analysis based on their leadership or other distinctions are benchmarked across ten Growth and Innovation criteria to reveal their position on the Frost Radar™. This publication presents competitive profiles of each company on the Frost Radar™, considering their strengths and the opportunities that best fit those strengths.