Forrester’s Q3 2023 Landscape Report: Ontic Recognized Among Critical Event Management Providers
If you think back over the past couple of decades, the corporate security function at large companies has undergone a massive evolution. It’s become more proactive, less siloed, and more centralized. There’s an ongoing emphasis on intelligence and threat management across the board.
This evolution is in full view in a new research report from Forrester, “The Critical Event Management Platforms Landscape, Q3 2023.” We’re proud that Ontic has been included.
The diverse heritages of the companies included and the breadth of this category, which has its roots in mass notification services immediately after a crisis, is striking to me.
Traditional CEM is Too Narrow and Focuses Too Heavily on the ‘Big Bang’
I feel that in many ways, Ontic is a leader in this broader evolution, with a “left of bang” approach rooted in intelligence gathering and ongoing data analysis. Our focus on detection, ongoing monitoring, investigation, and assessment of threats stands in sharp contrast to the reactive, post-event programs of many CEM vendors.
We know that people who want to harm follow a familiar path. In the months, weeks, and days leading up to an event, there are a number of pre-incident indicators that organizations fail to recognize. We help companies connect the dots between the seemingly isolated, purportedly minor events and the full life cycle of threats. And we surface these connections through an enterprise-wide system of record in a single platform that consolidates the capabilities of many point solutions.
The security industry continues to face broader obstacles. Many organizations struggle to get executive buy-in (and budget) for change. Their leaders see the headlines about workplace violence and other serious incidents and think, “It won’t happen here,” even as they’ve missed several pre-incident indicators that could have persuaded them otherwise.
However, the threat landscape that many organizations face is growing. Security teams manage this environment with an unconnected, brittle tech stack that relies on several disconnected point solutions. Analysts are stuck toggling between screens, and the siloed information makes it hard to analyze data. One bright spot is the consolidation of solutions into more comprehensive platforms. In many cases, it’s saving companies money while giving them a centralized, global view of threats across the organization.
The Ontic Approach to Critical Event Management
Because context is king and response to a threat or event is a function of urgency and potential impact, Ontic categorizes threats and threat actors in three buckets that dictate the appropriate set of actions:
- Imminent threat – detect and immediately inform
- Evolving threat – detect, investigate, inform
- Complex threat (involving a threat actor) – detect, investigate, identify, assess, and inform
In the context of an imminent threat, we ensure the timely and accurate delivery of communications by focusing on three areas:
The discovery of the threat, pulling directly from sources that pull near-real-time data that can be configured to match location and topics of interest to quickly pull the most relevant and timely threat intel. With this, security teams can optionally curate potential threats to further validate veracity and cut down on false positives and noise.
Creating playbooks and workflows to route and properly triage issues to the appropriate team member with clearly defined SOPs that can be configured to the situation/threat.
Delivery of that information through the channels most used by the business (like email, SMS, Slack, etc.) or integration with mass communication-focused providers who can further deliver communications at scale as required.
Beyond the imminent threats, we use the same core capabilities that deliver robust solutions at scale for evolving and complex threats, unlike anyone in the industry.
We’re thankful to Forrester for including us in this Landscape report and are excited to continue disrupting a legacy category. Security is a strategic imperative for business success, and we’re built to help our clients thrive.