Osterman Research is a market research and consulting firm. We deliver research-led insights across the domains of cybersecurity, data protection, and information governance.

Our research falls into three groups – market tracking, deep dives on current and emerging topics, and quantifying the achievement of business value. 

Our market tracking research investigates how organizations are responding, adapting, and adjusting to changes in technology, threats, and regulations across cybersecurity, data protection, and information governance. Market tracking research is usually done annually, in order to provide longitudinal data and perspective.

For example, the rise of data privacy regulations has been a key change in recent years. We’ve tracked that in Europe (with GDPR) and more recently in the United States (with the emergence of state-level data privacy regulations, starting with the CCPA). These research programs have usually been done with a syndicate of research participants.

We also track market developments under commission to a single technology vendor. Such research has looked into multi-cloud adoption, identity challenges, and key priorities for senior decision-makers. 

For more, please see:

We undertake deep dive research into current and emerging topics and trends across cybersecurity, data protection, and information governance. The focus of this research is to understand how organizations are dealing with emerging topics, how well they are positioned to respond effectively, and what is required to meet, achieve, and exceed baseline standards.

Recent research in this group has looked into the identity attack surface, the role of AI in email security, and cyber workforce resilience, among others.

For more, please see:

Organizations don’t embrace new technological approaches just because it’s a “nice idea” – they are accountable for achieving business value from their investments. We help to quantify the nature and shape of this value – using a methodology that assesses multiple dimensions of investment and return.

Recent research in this group has examined the business cost of phishing, the cultural value of security awareness training, and more.

For more, please see:

Contact Osterman Research to learn more

Please contact us to explore how we can work together.