April 20, 2021

What was the best news you heard so far this month? Mine was learning that KrebsOnSecurity is listed as a restricted competitor by Gartner Inc. [NYSE:IT] — a $4 billion technology goliath whose analyst reports can move markets and shape the IT industry.

Earlier this month, a reader pointed my attention to the following notice from Gartner to clients who are seeking to promote Gartner reports about technology products and services:

What that notice says is that KrebsOnSecurity is somehow on Gartner’s “non exhaustive list of competitors,” i.e., online venues where technology companies are not allowed to promote Gartner reports about their products and services.

The bulk of Gartner’s revenue comes from subscription-based IT market research. As the largest organization dedicated to the analysis of software, Gartner’s network of analysts are well connected to the technology and software industries. Some have argued that Gartner is a kind of private social network, in that a significant portion of Gartner’s competitive position is based on its interaction with an extensive network of software vendors and buyers.

Either way, the company regularly serves as a virtual kingmaker with their trademark “Magic Quadrant” designations, which rate technology vendors and industries “based on proprietary qualitative data analysis methods to demonstrate market trends, such as direction, maturity and participants.”

The two main subjective criteria upon which Gartner bases those rankings are “the ability to execute” and “completeness of vision.” They also break companies out into categories such as “challengers,” “leaders,” “visionaries” and “niche players.”

Gartner’s 2020 “Magic Quadrant” for companies that provide “contact center as a service” offerings.

So when Gartner issues a public report forecasting that worldwide semiconductor revenue will fall, or that worldwide public cloud revenue will grow, those reports very often move markets.

Being listed by Gartner as a competitor has had no discernable financial impact on KrebsOnSecurity, or on its reporting. But I find this designation both flattering and remarkable given that this site seldom promotes technological solutions.

Nor have I ever offered paid consulting or custom market research (although I did give a paid keynote speech at Gartner’s 2015 conference in Orlando, which is still by far the largest crowd I’ve ever addressed).

Rather, KrebsOnSecurity has sought to spread cybersecurity awareness primarily by highlighting the “who” of cybercrime — stories told from the perspectives of both attackers and victims. What’s more, my research and content is available to everyone at the same time, and for free.

I rarely do market predictions (or prognostications of any kind), but in deference to Gartner allow me to posit a scenario in which major analyst firms start to become a less exclusive and perhaps less relevant voice as both an influencer and social network.

For years I have tried to corrupt more of my journalist colleagues into going it alone, noting that solo blogs and newsletters can not only provide a hefty boost from newsroom income, but they also can produce journalism that is just as timely, relevant and impactful.

Those enticements have mostly fallen on deaf ears. Recently, however, an increasing number of journalists from major publications have struck out on their own, some in reportorial roles, others as professional researchers and analysts in their own right.

If Gartner considers a one-man blogging operation as competition, I wonder what they’ll think of the coming collective output from an entire industry of newly emancipated reporters seeking more remuneration and freedom offered by independent publishing platforms like Substack, Patreon and Medium.

Oh, I doubt any group of independent journalists would seek to promulgate their own Non-Exclusive List of Competitors at Whom Thou Shalt Not Publish. But why should they? One’s ability to execute does not impair another’s completeness of vision, nor vice versa. According to Gartner, it takes all kinds, including visionaries, niche players, leaders and challengers.


65 thoughts on “Note to Self: Create Non-Exhaustive List of Competitors

  1. Bob

    Behold the power of this 4 Billion Dollar Fully Operational Product Placement & Marketing Service. Some time ago I used to use the word “Gartner” as a keyword on the domain’s spam filter. It was right up there with “Dr Oz”

  2. Bob

    Small typo: “Magic Quandrant” ?

    Keep up the excellent work!

  3. CraigA

    Congratulations! It’s an indicator of your success and your contributions to the field!

  4. David

    Had a former coworker treat his Gartner convention visits as some kind of holy spiritual visit, even brought up the magic quadrant putting his own spin on it. Gartner exists to promote technology solutions to gullible directors/CTOs that don’t know what they are doing on what to buy. Funny as heck you were added on the list as a competitor, very bizarre.

  5. Doug Bostrom

    Gartner apparently doesn’t understand the full implications of “there’s no such thing as bad ink.” This maxim does not apply only to scandal, to spell it out.

    “We’re really great. Don’t tell anybody.”

  6. SP

    Congratulations Brian. Some would call you a Visionary, and you have perhaps considered yourself a Niche Player. Clearly however you are officially in the Challengers quadrant.

  7. Sam in Superior

    I’m guessing Gartner is getting a nice amount of “input” on their policies.

  8. john

    You need to give yourself more credit. I skip A LOT of content on linkedin….but rarely yours. I’m not surprised more of your colleagues haven’t taken your path. It is demanding in a way that has nothing to do with writing skill and super scary when no one is cutting you the checks. Congrats on the ‘ding’ from Gartner. I’m guessing you must be at only a market cap of $1 billion but they clearly are worried. LOL.

    1. mealy

      You found Krebs through Linkedin, that’s a legitimate lol.

      1. martin

        I think the think to take from that is to highlight how influential Brian is on LinkedIn, which is (for better or worse) where most of Gartner’s audience gets their news.

        So I wouldn’t laugh at anyone coming from there, for “Decision Makers” LinkedIn is where they have their online community. And a fair amount of them are very competent.

  9. OndraH

    Since mid-2000’s I worked as an IT infrastructure architect for company that offered expert services (architecture, integration, security) mainly to financial institutions. One day, our management discovered Gartner reports and after two years their view of reality was based solely on Gartner’s output. The company shifted from providing expert services to “unboxing” trendy products at customer by inexperienced people. This was the time I left them. They still do their business successfully, but they buried the trademark.

    1. Danny Smith

      I too used to work in IT infrastructure area as a director. I was pretty good at coming up with thoughtful, first-time ideas and beating major challenges in the IT industry. When Gartner called to “interview” me, I agreed and looked forward to the insight on additional ideas they might have regarding my own thoughts. We were a subscriber to Gartner, but I was very disappointed when the information came out they interview me on and found out they just regurgitated everything I said with no thoughtful writing of their own. I dropped the subscription as I could get ideas from other colleagues in the industry without paying Gartner. They really provide nothing more than what a business MBA student could provide by studying the IT industry in a couple of classes.

  10. Barry

    Brian
    (Not necessarily for publication)
    Large companies like Gartner are slow off the mark
    My theory why they have blacklisted you is that they have realised that in 2016 / 2017 you had quoted Gartner in 8 articles – 6 of them with direct quotes by ¨Avivah Litan, a fraud analyst with Gartner Inc¨ . It might be worthwhile checking if he is still in their good books.
    Keep up the good work

  11. HeIsNot2BNamed

    If you have ever spoken to a vendor that has been in the magic quadrant and then not ‘subscribed’ as in paid to be a Gartner subscriber, then you’d know that Gartner is a pay for play scheme. Gartner is a farce to be reckoned with.

  12. Beeker25

    You should be in the Visionary/Niche box for all the work you do to inform people of the threats perpetrated by the fraudsters.❤

  13. Infosec Pro

    Congratulations for the Gartner recommendation, Brian! And I hope they appreciate the great marketing piece you just posted promoting them.

    Coincidentally I’ve got a call with my Gartner reps later this morning. Now I think I’ll open by asking who else is with Krebs on Security in the Magic Quadrant of competitors to Gartner.

  14. Michele

    Let’s not forget which companies “own” Gartner…..
    If you look over the last 20 years at their information, well, let’s just say look at it if you keep files that long.
    No one ever got fired for using Gartner as their justification either, albeit so expensive it is ridiculous.
    Brian is more aware of his area of expertise and I would use his info/insights before any other company!

  15. Amateur

    I tell every salesperson they can pound sand when they bring up their ranking in the magical quadrant space. I want to research and evaluate on my own and see what my peers say about it. Sort of like JD power…

    I see one reader had a good idea to add them to the spam filter. I may do that.

  16. SkunkWerks

    This rings similar to me of the way outfits like The Weather Channel tend to lobby congress to get the NOAA (which gives out the same information free of solicitation) to give out LESS information.

  17. Nicole

    Gartner and it’s ‘competitors’ are all pay to play. Their ‘reports’ are extremely subjective. Congrats, Brian. I’d consider this a win in your book.

  18. TCL

    That’s the problem with the Gartner Magic Quadrant or the Forrester Wave report. One should take it with a grain of salt and depending on your environment. Just because it says that the vendor product is a leader in the space does not mean it’s the product for your company and depends on who is the analyst reviewing the product. There are many great security products out there who does not advertise heavily because they don’t have the budget. You know whom I’m talking about and it’s not CrowdStrike, FireEye, Solarwinds and more.

  19. Paul Murray

    As someone who had sunk plenty of money into Gartner in an attempt to ‘fit in’ to one of their quadrants, I can say from experience to those vendors that do NOT appear in any quadrant at all. If someone is looking for a solution in a particular space, your absence from Gartner’s quadrants does not necessarily mean your are not a serious contender, but rather you chose to spend your tens of thousands on R&D instead.

  20. Roger Caslow

    Those of us who have taken the cybersecurity “red pill” already know how Gartner, Forrester, etc work. Magic Quad is pay to play and they obviously don’t like information sharing to promote better security. Sadly there are far too many “blue pill” takers with them..

Comments are closed.