2018 Kettle Cybersecurity Landscape of New England
Think Global. Act Local.
The 2018 Kettle Cybersecurity Landscape provides a Buy Local, Eat Local map of the Cybersecurity vendor world in New England. This white paper serves as an initial guide to the Landscape. In this paper, we summarize our observations on the vibrant ecosystem of 166 Cybersecurity businesses and organizations that make up the local Landscape.
Our goal is to ignite conversation and generate local awareness.
Farm-to-Table initiatives are, and continue to be, a significant development for agriculture and aquaculture growth in The Ocean State and New England. Supply chain innovations have made oysters a far less risky proposition when dining in Omaha, Nebraska. The Farm-to-Table movement has increased awareness that local ingredients create a healthier, sustainable, and more enjoyable dining experience – while promoting economic growth. (1,2)
How do Farm-to-Table values relate to Cybersecurity?
Reduce uncertainty related to complexity.
Know your supply chain intimately and personally to reduce risk.
Defuse the talent war.
Local talent pools grow sustainably and cost effectively.
Drive or be driven.
Work with suppliers that deliver according to your tastes.
In December 2017, Kettle surveyed the participants of a NIST Cybersecurity Boot Camp. The specifics of Cybersecurity, e.g., frameworks, processes, controls, and maturity, were new to most of the women and men attending the course. Through exploring these areas, the need for navigating the vast landscape of Cybersecurity was clear – and that’s when Kettle’s Cybersecurity Landscape of New England was born.
Key Points for Orientation
Kettle has intentionally avoided defining “good” or "bad”.
We need to know your needs before we can make recommendations.
Kettle applied Standard Categories to simplify the Landscape.
Each Category is defined in Appendix A of this document.
Kettle focused on Technical Cybersecurity Solutions Providers.
We heard the demand for a Landscape with a software and hardware focus.
Buy Local, Eat Local is Viable in New England.
We found a diverse Landscape with companies in each category when we applied two requirements: (1) to be headquartered in the New England region of the United States (Rhode Island, Connecticut, Massachusetts, Vermont, New Hampshire, Maine) and (2) to have Cybersecurity solutions as their primary business function.
New England has a bountiful selection of Cybersecurity providers - 166 locally sourced companies. Massachusetts leading the way with approximately 80% of the demand for roles with Cybersecurity specialists while the smaller states, like Rhode Island, are punching well above their weight, relative to population and economic activity.
Global Investments in New England Easily Double Demand.
When you remove the requirement to be headquartered in New England, a number of recognizable names with a significant local staffing presence are added to the Landscape. These companies include members of the Fortune 500 and add approximately 972 open roles to the demand for Cybersecurity skills in New England.
Locally headquartered companies currently have approximately 1,015 open Cybersecurity roles. When you include open Cybersecurity roles in financial services, healthcare, and defense in New England, the resource demand pipeline increases by approximately 10X.(3)
Small to Medium Sized Businesses (SMBs) Thrive.
92 out of 166 companies on the Landscape are small to medium sized businesses with fewer than 50 employees. 40 of the 166 companies on the Landscape were started less than five years ago, but a number of SMBs have been part of the New England Landscape since the personal computer revolution of the 1970s and 1980s.
SMBs typically drive innovation and responsive customer design, making them a key component of a balanced ecosystem. Venture Capital and M&A activity is significant in Cybersecurity, totaling $2.5B nationally in Q3 of 2017.(4)
Cybersecurity Skills Require Business Acumen.
National standards have been proposed, similar to CPA exam requirements, to ensure a consistent level of competency. (5) The open roles posted are not exclusively technical. Demand for roles in business development, marketing, recruiting, finance, and project management for these companies is robust.
Candidates with strong soft skills teamed with technical expertise will be highly desired. Cybersecurity leadership, particularly at the executive levels, require the ability to partner with business stakeholders and technology peers, including the Board of Directors, to make strategy reality. It takes political savvy and business acumen to communicate clearly and drive action.
How Will SMBs Achieve Scale?
New Englanders are well aware of the negative consequences of ignoring road and bridge maintenance. Infrastructure costs skyrocket and repair work brings traffic to a standstill. SMBs frequently struggle to grow sustainably and maintain any initial success over several years.
The startup mentality often embraces new product and feature development over reducing the amount of technical debt added over time. Large organizations are not immune from this tendency to ignore the voice of the customer, but it has an outsized impact on SMB products.
How Will the Landscape Evolve?
We expect the Landscape to change significantly by this time next year. M&A activity in Cybersecurity is robust and internal corporate investment funds are actively investing. Some companies will fail or fade. We expect some companies to take a page from Amazon’s HQ2 playbook and pit States and Cities against one another in an effort to grow their economy.
As the call for certification standards to demonstrate Cybersecurity competency increases, we expect that service providers and vendors will expand their products into additional categories, M&A activity will erase some features entirely, and new aspects of the landscape will appear.
How Will Cybersecurity Diversify?
The lack of diversity in senior business leadership is a trend that is unfortunately continued in the Cybersecurity sector. The industry’s global unemployment rate stands at 2%, and we are on pace to reach a cybersecurity workforce gap of 1.8 million by 2022, a 20% increase over the 2015 forecast. (6) ISACA estimates 2 million openings by 2019, and Cybersecurity Ventures, a cyber economy research firm, has predicted 3.5 million openings by 2021.(7)
This rapidly growing sector of the economy needs more cybersecurity professionals to meet the demands of our interconnected world. All IT professionals will need to know security, period.
Enterprising women and minorities have a tremendous opportunity to stand out from the pack. In several cases, women leaders have been shown to outperform their male counterparts. (8,9) In 2017, women made up just 14 percent of the field and African-Americans, Hispanics, and Asians represent less than 26 percent of the digital security workforce. (10)
Kettle Consulting Group was established with the belief that world class talent, locally sourced, creates a competitive edge through personal connection, familiarity with your business, and availability on demand. Cyber adversaries are actively attacking business supply chains. Audits and technical solutions can help mitigate the risk of a complex supply chain, but complex systems are inherently risky.(11)
The 2018 Kettle Cybersecurity Landscape of New England provides a guide for New England companies to consider local options for their Cybersecurity supply chain. The Buy Local, Eat Local Cybersecurity menu is filled with diverse, high quality options.
Beyond Kimchi and Kale: How Millennial ‘Foodies’ Are Challenging the Supply Chain from Farm to Table. Eve Turow Paul < Nov 11, 2016>
The Local Food Movement Benefits Farms, Food Production, Environment. Pallavi Gogoi 2010 BusinessWeek Online <>
Burning Glass Technologies Job Market Intelligence Cybersecurity 2015. <>
Momentum Cyber’s Quarterly Market Review Q3 of 2017.
Professionalizing Cybersecurity: A path to universal standards and status Francesca Spidalieri and Sean Kern <>
(ISC)² 2017 Global Information Security Workforce Study Benchmarking Workforce Capacity and Response to Cyber Risk <>
Cyber Venture’s Cybersecurity Job Report 2017 < >
Ibarra, H., & Obodaru, O. (2009). Women and the vision thing. Harvard Business Review: <‐and‐the‐vision‐thing/ar/1>
Mckinsey. (2008). Female Leadership ‐ A Corporate Performance Driver. < h.pdf>
(ISC)² 2017 Global Information Security Workforce Study Innovation Through Inclusion Report < https://www.isc2.org/-/media/Files/Research/Innovation-Through-Inclusion-Report.ashx>
Understanding and Managing Complexity Risk. Eric Bonabeau <>
By Matt Leathers and Emma Greaves