12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

Market Share Analysis: Security Consulting,

Worldwide, 2012
16 May 2013 ID:G00245586
Analyst(s): Lawrence Pingree

VIEW SUMMARY
The security consulting service market grew 5.8% from 2011 to 2012, driven largely by advanced
attacks, incident response and mobile security demands.

EVIDENCE
Gartne r use d a pe rce ntage allocation m ode l from
m ark e t e stim ate s in "Mark e t Share : IT Se rvice s,
2012" and e x am ine d the "consulting"
subse gm e nt to arrive at our e stim ate s for se curity
consulting for e ach provide r in this m ark e t share
for the se curity consulting se rvice m ark e t.

Overview
Key Findings
The top 10 consulting providers accounted for 51% of the total security consulting service
market.
Security-specific system integration providers like FishNet Security and Accuvant that focus
efforts on just security rather than support a broader portfolio with general IT services
offerings have seen strong growth during the last year.
The Greater China region posted the strongest year-over-year growth, at 27%, fueled by the
expansion of regional regulatory mandates and the addressing of data security concerns from
the increasing Chinese economic and supply chain integration worldwide.
As more global organizations increase interactions with third-party entities based in China, the
organizations are incorporating security requirements that these entities must fulfill, which
increase local demand for security consulting.

TABLE OF CONTENTS
CONTENTS
Market Share Data
Overall Market Segment Performance Analysis
Regional Markets
Top Vendors Analyzed
Deloitte
Ernst & Young
PwC
IBM
KPMG
Booz Allen Hamilton
Accenture
HP
SAIC
EMC (RSA Security Division)
Other Notable Vendors
Accuvant
FishNet Security
Mergers and Acquisitions

NOTE 1
MARKET DEFINITION
Se curity consulting se rvice s are se curity-spe cific
advisory se rvice s to he lp com panie s analyze and
im prove e fficie ncy of busine ss ope rations and
te chnology strate gie s for se curity. Se curity
consulting se rvice s include se curity-re late d
busine ss and IT consulting, and se curity
assurance , but e x clude s se curity audit work that
re sults in atte station of se curity controls for audit
purpose s. Also, our se curity consulting se rvice
de finition doe s not include product or se rvice
im ple m e ntation consulting e fforts or nonse curityre late d consulting or m anage d se rvice s.
Ex am ple s of se curity consulting activitie s include :
Asse ssm e nts of com pliance against se curity
m andate s (e x cluding e fforts that include a
final atte station for audit purpose s)
Busine ss and IT se curity risk asse ssm e nts
Application code se curity re vie w
Strate gic se curity program re vie w
Se curity program de ve lopm e nt activitie s
Se curity program m aturity asse ssm e nts
O the r se curity-re late d consulting e fforts

TABLES
Table 1.

Top 10 Security C onsulting Providers' Worldwide Market Share, 2011-2012 (Millions of

Dollars)

Table 2.

Annual Revenue by Region: Security C onsulting Services, Worldwide, 2011-2012

(Millions of Dollars)

Table 3.

Distribution of Security C onsulting Versus IT Services C onsulting by Region, 2011-2012

Table 4.

Top Five Security C onsulting Providers by Region and by Revenue (Millions of Dollars)

Table 5.

Notable Mergers and Acquisitions, Security C onsulting Market, 2011

FIGURES

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

1/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

Figure 1.

Security C onsulting Service Market Share, Worldwide, Percentage by Region, 2012

Figure 2.

Annual Security C onsulting Revenue Growth by Region, 2011-2012

Market Share Data

In Table 1, Gartner estimates the market share of major service providers in the worldwide security
consulting service market.

Table 1. Top 10 Security Consulting Providers' Worldwide Market Share, 2011-2012 (Millions of
Dollars)
Annual Growth
Rate (%)

2012 Market
Share (%)

1,001

14.0

9.3

826

966

16.9

8.9

PwC

671

807

20.3

7.5

IBM

721

710

-1.5

6.6

KPMG

478

514

7.5

4.8

Booz Allen
Hamilton

430

454

5.6

4.2

Accenture

385

402

4.4

3.7

HP

336

347

3.4

3.2

SAIC

163

177

8.6

1.6

EMC
(RSA Security
Division)

149

167

11.7

1.5

2011
Rank

2012
Rank

Rank
Change

2011
Revenue

2012
Revenue

Deloitte

878

Ernst & Young

+1
-1

12

10

+2

Company

Source: Gartner (May 2013)

Table of Contents

Overall Market Segment Performance Analysis

The security consulting service market grew 5.8% from 2011 to 2012. In 2012, the top 10 security
consulting firms accounted for 51% of the market. Security-specific system integrators, such as
FishNet and Accuvant, had significant revenue growth on a percentage basis. Audit firms accounted
for the largest overall revenue growth in the marketplace from 2011 to 2012 since they command
the greatest overall portion of revenue in the market.
Gartner believes many organizations continue to seek security-specific specialists and guidance to
address the heightened risks seen in the IT landscape. Based on Gartner's IT key metrics data (see
"IT Key Metrics Data 2013: Key Information Security Measures: by Industry"), the most spending in
the security marketplace has been in industries like software publishing, Internet services,
government, professional services and insurance. These organizations represent the biggest
opportunities for consulting providers in the security consulting market.
Many organizations are looking to cope with compliance or security-related risks and to address
advanced techniques used by hackers in recent well-publicized and successful data breaches and
denial-of-service attacks. These high-profile events elevate market demand by increasing the
visibility of security risks globally and serve as an inflection point that some are losing the battle
against attackers that target companies and networks globally. Many of the top 10 security
consulting providers have adjusted their go-to-market strategy by offering incident response
services, advanced threat protection and assessment services, as well as other extended security
services to address additional risks introduced by newly deployed mobile devices and applications.
Table of Contents

Regional Markets
Security consulting market participants face a challenging landscape of regional dynamics and
competitors that must be continually factored into the development of each participant's offerings.
These continuous changes are necessary in service markets to ensure service companies
continuously connect to clients' changing consulting demands. Organizations worldwide continue to
roll out virtualization technologies and cloud infrastructure, and therefore, need consultants to
evaluate the security ramifications of these rollouts. Additionally, organizations continue to drive
cost-efficiencies by utilizing third parties for commoditized business operational functions and
manufacturing. Use of third-party entities drives an expansion of security risks, which results in
demand for extensive risk assessment engagements that require additional resources and security
consulting.

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

2/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

When organizations span across regions, clients often demand low travel costs, consultants who
speak their own language(s) and customized offerings that adhere to the latest regulatory and risk
landscape changes. These competitive dynamics are especially important for highly competitive
deals at larger clients. Many large organizations are mandated by their management to seek
competitive shortlists and bids from multiple participants, and these factors help their competitive
position within the security consulting client base.
Regulations and other legal mandates, as well as geopolitical hacking concerns, are often specific to
the country where a particular organization is located or where a client organization is doing
business. This means that security consulting providers must continually maintain a significant
knowledgebase relevant to each country or geography where they do business. Providers must
customize their solutions appropriately and regularly educate their security consultants, as well as
update relevant security assessment programs to compensate for the changing consulting needs
(which is not always an easy proposition). Each of these factors adds to the complexity of
competition, especially for market participants desiring to expand into other countries or specific
regions where they have no expertise. For more information on regional regulatory mandates
worldwide, see "Competitive Landscape: Professional Security Consulting Services, Worldwide,
2013."
Greater China has the strongest growth rate, at 27% (see Table 2), followed by the emerging
Asia/Pacific region, with 17.7% growth. These significant growth numbers are attributed to regional
regulatory expansion and increased demand within retail and financial services sectors to address
Payment Card Industry Data Security Standards (PCI DSS).

Table 2. Annual Revenue by Region: Security Consulting Services, Worldwide, 2011-2012

(Millions of Dollars)

Region
Eastern Europe
Emerging Asia/Pacific
Eurasia

2011
Revenue

2012
Revenue

2012
Market Share (%)

2011-2012 Growth (%)

97

102

0.9

5.5

231

271

2.5

17.7

68

77

0.7

12.3

Greater C hina

284

361

3.3

27.0

Latin America

354

397

3.7

12.2

1,206

1,277

11.8

5.9

123

135

1.2

9.5

4,530

4,724

43.8

4.3

107

118

1.1

10.3

3,207

3,333

30.9

3.9

10,207

10,795

100.0

5.8

Mature Asia/Pacific
Middle East and North Africa
North America
Sub-Saharan Africa
Western Europe
Total

Source: Gartner (May 2013)

Table of Contents

In Table 3, we examine the distribution of security consulting revenue versus the distribution of
consulting revenue in our IT services market share. The distribution is fairly even when comparing
the two markets; however, there are some regional differences, with higher proportions of security
consulting in particular regions. The dominating factor in these dynamics is that some organizations
are behind others in more mature economies, and therefore, are addressing regulatory and
security demands as the market (which is largely dominated by North America, with 43.8% of the
distribution) expands across the globe.

Table 3. Distribution of Security Consulting Versus IT Services Consulting by Region, 2011-2012

2011
Security
Consulting (%)

2012
Security
Consulting (%)

2011
IT Services
Consulting (%)

2012
IT Services
Consulting (%)

Eastern Europe

0.9

0.9

1.4

1.3

Emerging
Asia/Pacific

2.3

2.5

2.4

2.7

Eurasia

0.7

0.7

0.8

0.8

Greater C hina

2.8

3.3

2.9

3.5

Latin America

3.5

3.7

3.8

3.9

11.8

11.8

14.3

14.7

1.2

1.2

1.5

1.5

Region

Mature Asia/Pacific
Middle East and

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

3/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

North Africa
North America
Sub-Saharan
Africa
Western Europe
Total

44.4

43.8

36.0

37.0

1.0

1.1

1.2

1.2

31.4

30.9

35.8

33.5

100.0

100.0

100.0

100.0

Source: Gartner (May 2013)

Table of Contents

Figure 1 shows the differences regionally on a percentage basis. It is easy to see that some areas
of the globe are likely to expand their security consulting needs dramatically during the next several
years as they further address their own data center and security demands and as regulatory
requirements evolve to address systemic risks. Gartner believes the largest opportunities for global
security service providers continue to originate in the emerging Asia/Pacific and Greater China
regions, with relatively strong forecast growth through 2016 (see "Forecast: Information Security,
Worldwide, 2010-2016, 4Q12 Update").
One of the many reasons security consulting market revenue is so large in North America is that the
United States has more data centers than any other country in the world. Gartner estimates that
the total number of midsize, enterprise and large data centers in the United States will top 5,447
(see "Forecast: Data Centers, Worldwide, 2010-2016, 4Q12 Update"). This means that this region
has the most significant amount of infrastructure that must address security risks and regulatory
requirements. This large infrastructural aspect, combined with growing regulatory pressures during
the last few years (especially for data privacy and data breach notification), has significantly
increased consulting demand to address organizational concerns about security consulting efforts.

Figure 1. Security Consulting Service Market Share, Worldwide, Percentage by Region, 2012

Source: Gartner (May 2013)

Table of Contents

In Figure 2, Gartner found the largest revenue growth in the security consulting market came from
the Greater China region, with a growth rate of 27% from 2011 to 2012. Organizations in Greater
China continue to increase their security expenditures to address security risks and regulatory
pressures both inside and outside of the country. As more external organizations increase
interactions with organizations based in China, these new partnerships often incorporate securityspecific mandates. Further, the desire of the external partners to engage local security consultants
to evaluate Chinese companies creates heightened regional demand. Regional growth in Greater
China is also being affected by China's interest in engaging in business with organizations in the
emerging Asia/Pacific region, where legal mandates for data protection have emerged recently (for
example, Singapore's data protection laws).
Gartner revenue estimates for emerging Asia/Pacific place this region with the second-highest
growth rate of 17.7%. This regional growth is driven largely by data protection regulatory demands,
as well as security assessment and compliance consulting to perform PCI DSS preassessments.
During vendor interviews, Gartner observed that several regional banks were in the process of
focusing on compliance with the PCI standards, and that the PCI standards council and the card
networks were pressuring regional organizations to comply.

Figure 2. Annual Security Consulting Revenue Growth by Region, 2011-2012

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

4/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

Source: Gartner (May 2013)

Table of Contents

In Table 4, clients can examine the top five security consulting providers by region and revenue in
each region. In Western Europe, PwC continues to dominate by competing heavily in deals against
KPMG, Deloitte, Ernst & Young and Accenture. In Sub-Saharan Africa, the top provider is Ernst &
Young, focusing its marketing efforts on IT risk and assurance services in the region. In North
America, Deloitte dominates in the No. 1 position, above Ernst & Young, Booz Allen Hamilton, PwC
and IBM. Deloitte offers an extensive lineup of security consulting offerings, including enterprise
application integrity, identity and access management, and it is well-known for risk management
and privacy consulting practices. In Asia/Pacific and Greater China, organizations tend to shortlist
the more technically focused consulting firms over audit and accounting firms.

Table 4. Top Five Security Consulting

Providers by Region and by Revenue
(Millions of Dollars)
Region

2012

2011

PwC

254

216

KPMG International

245

234

Deloitte

222

196

Ernst & Young

202

173

Accenture

174

176

Ernst & Young

24

20

KPMG International

11

10

PwC

10

10

Accenture

Deloitte

Deloitte

596

534

Ernst & Young

521

446

Booz Allen Hamilton

445

421

PwC

374

304

IBM

201

212

19

16

Booz Allen Hamilton

Deloitte

Western Europe

Sub-Saharan Africa

North America

Middle East and North Africa

Ernst & Young

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

5/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

KPMG International

PwC

213

213

Ernst & Young

87

74

PwC

81

66

Deloitte

77

59

KPMG International

65

57

Ernst & Young

48

41

IBM

46

49

PwC

39

35

Deloitte

29

26

Accenture

28

26

IBM

53

54

Deloitte

25

19

KPMG International

25

21

Ernst & Young

24

21

PwC

18

15

Mature Asia/Pacific

IBM

Latin America

Greater C hina

Eurasia

Ernst & Young

10

KPMG International

Deloitte

IBM

BearingPoint

IBM

40

33

Deloitte

32

26

Ernst & Young

19

16

PwC

17

15

Accenture

17

15

Emerging Asia/Pacific

Eastern Europe

Ernst & Young

10

KPMG International

Deloitte

PwC

Accenture

Source: Gartner (May 2013)

Table of Contents

Top Vendors Analyzed

Deloitte
Based on Gartner estimates, Deloitte is the world's largest IT consulting firm, as well as the largest
security consulting services firm (see "Market Share: IT Services, 2012" for Gartner's IT consulting
estimates). The company grew 14%, with its IT consulting revenue growing from $878 million to

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

6/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

just more than $1 billion in 2012. Deloitte offers a comprehensive array of security consulting
services as part of its Audit and Enterprise Risk Services, which include risk assessment, compliance
assessment, security framework development and many other security-related consulting offerings.
During the last several years, Deloitte has focused quite a bit on growing its security practice. The
company has established solid branding around its Center for Security & Privacy Solutions, which
helps it engage and brand itself with corporate clients. The company has seen some recent activity
with government clients by directly marketing to the concerns of government clients for its
cybersecurity service offerings. The company recently released survey results from its "tech trends"
Dbriefs webcast survey of 1,749 business professionals, which indicated that one in four
respondents reported at least one cyberattack during the past year, which provided it with a
strong marketing message for its security practice globally. One reason Deloitte succeeds against
the four other top firms is that its global delivery network is the largest and most mature compared
with those firms.
Table of Contents

Ernst & Young

Ernst & Young is estimated as the world's second-largest security consulting company. Its security
consulting revenue grew from $826 million in 2011 to $966 million in 2012, a 16.9% growth rate.
The company offers both risk and assurance services in which it focuses on developing risk
management capabilities within its clients. The company offers threat and vulnerability assessment
services, which include traditional infrastructure assessments, social engineering assessments,
application assessments, data loss prevention assessments, as well as application security training,
ongoing enablement services and cloud security assessments. The company has recently oriented
its marketing toward assessment of advanced threats, also called "advanced persistent threats,"
to take advantage of revenue demand in this area of client concern. The company also published a
privacy trends 2013 report that helps market its privacy development and data protection
consulting engagement capabilities. Significant services that support its strong growth rate against
competitors include its disaster recovery and business continuity, regulatory compliance and
investigation services for fraud and incident response, which are in high demand with many
customers worldwide.
Table of Contents

PwC
PwC is the third-largest technology service provider in the security consulting market, growing from
$671 million in 2011 to $807 million in 2012, with a strong growth rate of 20.3%. The company has
an extensive IT security, privacy and risk practice that is focused on reduction in cybercrime risks,
effective spending for security, risk management that extends to third parties, brand integrity
protection, improved asset management and reduction in the cost of security-related compliance.
The company offers traditional data center and infrastructure consulting, as well as cloud-specific
security, as do many of the other top firms in the security consulting market. The company also
provides digital forensics for incident response and legal e-discovery client needs as organizations
continue to respond to advanced attacks and targeted malware.
Table of Contents

IBM
IBM is the fourth-largest security consulting service provider in the security consulting service
marketplace, with an estimated $721 million revenue in 2011 that declined 1.5% in 2012 to $710
million. Although IBM is a significant security software provider, it also has a significant security
consulting practice designed to provide clients with security consulting services for security
governance, infrastructure security assessment, application security assessment, data security
assessment, identity and access management program development, and physical security
consulting engagements. The company also offers extensive incident response, legal e-discovery
and forensic analysis services as security consulting offerings. The company has done well in the
Greater China region, where customers continue to see the company as a significant business
partner and brand.
Table of Contents

KPMG
KPMG is estimated to be the world's fifth-largest security consulting company. The company grew its
revenue from an estimated $478 million in 2011 to $514 million in 2012. As part of KPMG's risk
consulting practice, it offers IT advisory services that contain practice areas to support client goals
like information protection, business resilience, IT governance risk and compliance consulting. In the
company's management consulting practice area, it offers IT governance consulting. The company's
latest marketing efforts focus on transforming risks into business opportunities for growing their
clients' profits. The company also offers digital forensic and e-discovery consulting services, which
help clients address digital discovery for legal cases and incident responses and to investigate a
potential data breach.
Table of Contents

Booz Allen Hamilton

Booz Allen Hamilton was estimated by Gartner as the sixth-largest security consulting service

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

7/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

provider globally. Its estimated security consulting revenue of $430 million in 2011 grew to $454
million in 2012, with a 5.6% growth rate. Although the company has an extensive array of service
offerings for the commercial sector, Booz Allen Hamilton had its greatest success with governmentrelated security consulting efforts as it has a long history as a government contractor in the United
States. This long history makes it easier to gain revenue from these entities as a trusted provider in
extensive engagements that require "top secret" and "secret" security clearance. Many of its
engagements involve consulting with federal entities, such as the National Security Agency and
Department of Homeland Security, as well as other relationships with Department of Defense
agencies. It also continues to be a significant provider for many other sensitive government-related
security consulting engagements. The company specializes in incident response, pre-emptive
response, integrated remediation and cybersecurity intelligence solutions, utilizing advanced
cyberanalytics and its extensive computer network defense security operations center capabilities
to enhance its security consulting offerings.
Table of Contents

Accenture
Accenture is a global management consulting and technology service company. Its extensive
portfolio of consulting services includes security risk management and assessment services.
Accenture's revenue in the security consulting market grew by 4.4%, from an estimated $385 million
in 2011 to $402 million in 2012. Although Accenture is most well-known for its implementation
services, it also offers a broad array of security consulting services that include application security
assessment, security strategy development, risk management, security governance, business
continuity and disaster recovery planning, data protection consulting, privacy consulting, and
security transformation. The company also offers compliance preassessment and remediation
consulting for PCI DSS. Accenture focuses much of its growth efforts on the healthcare vertical, but
also services many other verticals with its portfolio of offerings, which allows it to execute well in
these areas of its business.
Table of Contents

HP
HP, one of the largest comprehensive software and service portfolio companies, had estimated
revenue of $336 million in 2011 that grew to $347 million in 2012, with a growth rate of 3.4%.
Although the company continues to move through several disruptive events, including an
accounting scandal and its recent Autonomy purchase, HP continues to grow, despite growth rates
lower than the overall market. To combat this situation, it has enhanced its security consulting
offerings during the last year. For example, the company expanded its consulting services to include
security operations center planning and development to extend its current offerings for vulnerability
management program development, digital investigation services, security metrics and reporting
consulting, security risk, and control assessment. The company takes a life cycle approach to
information security with its ATOM (also referred to as assess, transform, optimize and manage)
security life cycle. Organizations seeking to optimize their information security operations enjoy this
innovative approach and often select HP as their preferred security consulting provider due to this
focus area.
Table of Contents

SAIC
SAIC is the ninth-largest security consulting service organization globally, with estimated 2011
revenue of $163 million, growing by 8.6% to $177 million in 2012. With an extensive government
contracting background, SAIC offers security consulting services to both government and
commercial entities. The company's offerings help these clients assess their security programs and
current security risk posture, as well as help educate client organizations on best practices for
systems and application security. The company recently joined the Microsoft Security Development
Lifecycle Pro Network to support its rollout of application security review and testing services. SAIC
also specializes in PCI DSS preaudit assessments, security program development, digital forensics,
e-discovery, security incident response, and disaster recovery and business continuity consulting.
Notably, the company also focuses on security consulting for supply chain security risks, which has
been top of mind for many government entities, especially given recent passage of a U.S.
congressional spending bill restricting federal entities' purchases of Chinese-made electronics.
Gartner has also seen during the last year increased demand of organizations seeking ways to
evaluate the security controls of third-party supplier organizations, which also benefits SAIC's
security consulting practice.
Table of Contents

EMC (RSA Security Division)

The RSA security division of EMC is the world's 10th-largest security consulting service company.
RSA's estimated security consulting revenue of $149 million in 2011 grew to $167 million in 2012,
with a growth rate of 11.7%. The company has extensive security experience, with a broad
portfolio of product offerings to complement its security consulting services. In the security
consulting landscape, RSA provides extensive services to help customers with assured availability,
business continuity, fraud and identity management, governance, risk, compliance, information
governance, mobile device security and trusted cloud. The company focuses on advanced threats,
and helping organizations build security operations centers is a key ingredient to its growth within
the security market.

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

8/9

12/12/13

Market Share Analysis: Security Consulting, Worldwide, 2012

Table of Contents

Other Notable Vendors

The following security consulting providers have been selected either because they have had
significant growth in the security consulting market or they are often included in Gartner clients'
shortlists.
Table of Contents

Accuvant
Accuvant has the strongest overall revenue growth in the security service market, with an
estimated 25% gain in overall security service revenue. Gartner believes this growth is attributed
largely to its purely security-focused market participation. The company offers security program
strategy and program development, security research and intelligence consulting services, risk
assessment and penetration testing services, as well as application security consulting and
malware analysis services. The company also specializes in performing smart meter security
assessments for the energy sector.
Table of Contents

FishNet Security
FishNet has grown its security consulting practice through a number of acquisitions across the
United States. With most of the company's overall revenue coming from security technology resale
activities and adjunct implementation services, the company continues to have a significant and
growing security consulting service practice. In 2011, the company earned an estimated $81 million
in the security consulting market and grew its security consulting revenue by an estimated 16% to
$94 million. In January 2013, Investcorp acquired a majority stake in FishNet.
Table of Contents

Mergers and Acquisitions

Table 5 shows the notable mergers and acquisitions in 2011.

Table 5. Notable Mergers and Acquisitions, Security Consulting Market, 2011

Acquirer

Acquired

Acquisition
Date

Details

Ernst &
Young

Hacktics

January

Added to its Web application security testing and

consulting

Ernst &
Young

C ataphora

September

Acquired the assets for e-discovery

PwC

Ascure

August

IT security and business continuity consulting

Source: Gartner (May 2013)

Table of Contents

2013 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be
reproduced or distributed in any form without Gartners prior written permission. If you are authorized to access this publication, your use of it is subject to the
Usage Guidelines for Gartner Services posted on gartner.com. The information contained in this publication has been obtained from sources believed to be reliable.
Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies
in such information. This publication consists of the opinions of Gartners research organization and should not be construed as statements of fact. The opinions
expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal
advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that
have financial interests in entities covered in Gartner research. Gartners Board of Directors may include senior managers of these firms or funds. Gartner research
is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the
independence and integrity of Gartner research, see Guiding Principles on Independence and Objectivity.

About Gartner | C areers | Newsroom | Policies | Site Index | IT Glossary | C ontact Gartner

www.gartner.com/technology/reprints.do?id=1-1FQZ117&ct=130522&st=sb

9/9