the forrester wave manage

Forrester Research, Inc., 60 Acorn Park Drive, cambridge, MA 02140 USA

Tel: +1 617.613.6000 | Fax: +1 617.613.5000 | www.forrester.com

The Forrester Wave™: Managed Security Services: North America, Q1 2012by Ed Ferrara, March 26, 2012

FOR: Security & Risk Professionals

key TakeaWays

Mssps don’t simply Cut Costs, They Can enhance your security CapabilitiesToday’s economic environment and mutating threat landscape are forcing CISOs to consider alternatives to simply insourcing information security. MSSPs leverage impressive economies of scale to off er clients an enhanced security environment, cost-eff ective security, and a scalable and fl exible security platform capable of handling future expansion.

The Mssp Market grows at Rapid pace as Cisos Look For Trusted partnersTh e MSS market is growing rapidly because more CISOs see MSS as a way to address top operational challenges. Forrester estimates growth in this space to be between 30% and 40% per year. Th is market growth is in large part due to the fact that CISOs increasingly trust MSSPs to advise them in top security decisions and act as strategic partners.

Threat intelligence and event Correlation are key differentiatorsAs signature-based technology becomes less eff ective against security threats, improved behavioral and heuristic-based detection techniques will dictate which providers are ahead of the pack. MSSPs that collect large data sets across their client base and advanced analytics position themselves to provide more proactive threat intelligence.

© 2012, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester®, Technographics®, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. To purchase reprints of this document, please email [email protected]. For additional information, go to www.forrester.com.

FOR SEcURITy & RISk PROFESSIOnAlS

Why Read This RepoRT

In Forrester’s 60-criteria evaluation of the North American managed security services market, we identified the nine significant service providers in this category — AT&T, CSC, Dell SecureWorks, HP, IBM, Symantec, Trustwave, Verizon, and Wipro — and researched, analyzed, and scored them. This report details our findings about how each service provider measures up and plots where they stand in relation to each other, to help security and risk (S&R) professionals select the right partner for their managed security services.

Table Of contents

Cisos Need support From Third parties

The Market Landscape

Managed security services: North america evaluation overview

Evaluation Focused On Breadth Of capabilities, Flexibility, And customer Satisfaction

Evaluated Vendors Offer A Full Suite Of Managed Security Services

evaluation analysis

Vendor profiles

leaders

Strong Performers

supplemental Material

notes & Resources

Forrester conducted services evaluations in October 2011 and interviewed nine MSSPs: AT&T, cSc, Dell SecureWorks, Hewlett-Packard, IBM, Symantec, Trustwave, Verizon, and Wipro.

Related Research Documents

navigate The Future Of The Security OrganizationFebruary 14, 2012

2012 Budget And Planning Guide For cISOsDecember 15, 2011

Updated Q4 2011: The new Threat landscape — Proceed With cautionnovember 1, 2011

The Forrester Wave™: Managed Security Services, Q3 2010August 4, 2010

The Forrester Wave™: Managed security services: North america, Q1 2012The nine Service Providers That Matter Most And How They Stack Upby Ed Ferrarawith nicholas Hayes and Stephanie Balaouras

2

3

4

6

8

10

MARcH 26, 2012

www.forrester.com

http://www.forrester.com/go?objectid=RES60799







http://www.forrester.com/go?objectid=BIO2706




The Forrester Wave™: Managed Security Services: north America, Q1 2012 2

© 2012, Forrester Research, Inc. Reproduction Prohibited March 26, 2012

Cisos Need suppoRT FRoM ThiRd paRTies

Information security is changing as a discipline. Security is no longer that critical function that must remain in-house. Just a year and a half ago Forrester reported that only one in four security organizations outsourced their email filtering.1 Today, more than half of security organizations outsource email filtering.2 An increasing number of CISOs now view security outsourcing as a viable method for reducing costs and improving their security capabilities. And with security budgets stagnant and business alignment a top priority for the CISO, MSS adoption is rising rapidly.3 Forrester estimates growth in this space to be between 30% and 40% per year.

Cost management is certainly one factor contributing to the fast adoption of managed security services (MSS), but more importantly, security organizations need the bandwidth and talent that top MSS providers (MSSPs) can offer. Large corporations susceptible to significant cyberrisks and compliance requirements need to enhance and invest in information security. With information security budgets static, the need to look to third parties to provide quality security services and drive economies of scale will shape security purchasing decisions during the next two to three years. Forrester sees the high growth in MSS occurring for three primary reasons:

■ MSSPs offer better resources, scalability, and talent — all for a cheaper price. Business and technical alignment are important factors for the selection of an MSSP. CISOs looking to security services cite cost reduction as a top factor, with 62% of CISOs listing this as an important or very important reason.4 Yet, while cost is a top issue and may be the initial catalyst for CISOs to seek the help of an MSSP, other more important issues, such as flexibility, expertise, and advanced technology, quickly enter the conversation. Leveraging impressive economies of scale, MSSPs can offer better returns on investment for CISOs in a number of areas and can ultimately offer an enhanced, more secure IT environment.

■ CISOs want trusted, strategic partners. Information security is an activity built on trust. MSSPs that understand this develop strong supporting partnerships with their clients and help them overcome their biggest security challenges. As one CEO of a technology product company explained: “When I switched vendors, I was looking for a vendor in it for the long haul; one that would work with me over time.” In return, MSSPs see strong endorsements from their clients and better contract renewal rates. Forrester believes that the relationship between CISOs and MSSPs will continue to deepen. As the MSSP demonstrates competency and even proficiency in certain areas, the partnership will quickly develop from an ad hoc relationship to a fully managed security IT environment (see Figure 1).

■ Advanced technologies, such as threat intelligence and correlation, drive future demand. Threat intelligence and correlation are not necessarily new ideas for CISOs. What is new is sophistication of new threat intelligence technology to detect intrusions. With a rapidly changing threat landscape and advanced persistent threats (APTs) now the norm, CISOs need solutions capable of detecting suspicious activity and need to receive alerts in near real time.5




MSSPs providing this capability will offer a level of protection that many security organizations desperately want and need. While not all MSSPs will be able to do this with the same level of success, Forrester believes those MSSPs that get this right will have a huge advantage in the market during the next two to five years.

The MaRkeT LaNdsCape

The MSSP market is divided into two major groups. The first group is the large enterprise class providers. These are MSSPs that offer multiple security operations centers (SOCs) in multiple geographies. These firms also have from 100 to more than 1,500 engineers and from one to seven SOCs. The second group are the midsize MSSPs that serve similar size companies, although some of these MSSPs have some very large marquee clients. These companies have from 25 to 150 engineers and usually one or two SOCs.

The focus of this Forrester Wave™ is the large enterprise providers that serve the North American market. MSS revenue for these providers ranges from an estimated $60 million to more than $500 million. Some of these providers are divisions of much larger companies, with corporate revenue estimated to be between $60 million and $130 billion.

Figure 1 MSSPs Try To Become Trusted Partners To Their Clients

Source: Forrester Research, Inc.57682

Level of strategicpartnership

Fully managedsecurity/IT environment

Network securityservices

Security servicesbundle

Ad hoc securityservices




MaNaged seCuRiTy seRViCes: NoRTh aMeRiCa eVaLuaTioN oVeRVieW

To assess the state of the North American managed security services market and see how the vendors stack up against each other, Forrester evaluated the strengths and weaknesses of top MSSPs with a substantial client base in the North American region.

evaluation Focused on Breadth of Capabilities, Flexibility, and Customer satisfaction

After examining past research, user need assessments, and vendor and expert interviews, we developed a comprehensive set of evaluation criteria. We evaluated vendors against 60 criteria, which we grouped into three high-level categories:

■ Current offering. Each vendor’s position on the vertical axis of the Forrester Wave graphic indicates the strength of its current MSS product offering. The sets of capabilities evaluated in this category are: value proposition, customer satisfaction, delivery capabilities, cloud and hosted services, infrastructure and perimeter, value-added services, content and application security, and staff dedicated to MSS.

■ Strategy. A vendor’s position on the horizontal axis indicates the strength of its MSS strategy, specifically focused on innovation and thought leadership, and company growth plans.

■ Market presence. The size of the vendor’s bubble on the chart indicates its market presence, which Forrester measured based on the company’s overall presence in the marketplace, its North American market presence, and its overall and MSS-specific financials.

evaluated Vendors offer a Full suite of Managed security services

Forrester included nine vendors in the assessment: AT&T, CSC, Dell SecureWorks, Hewlett-Packard, IBM, Symantec, Trustwave, Verizon, and Wipro. Each of these vendors has (see Figure 2):

■ A complete suite of managed security services. We looked for providers that offered a complete suite of managed security services.

■ A strong MSS presence in North America. A significant portion of their managed security service revenue had to come from their clients in North America.

■ Significant interest from Forrester customers. Forrester considered the level of interest from our clients based on our various interactions, including inquiries, advisories, and consulting engagements.

■ A large number of SOCs. Forrester considered the number of SOCs that each provider had globally.




■ Substantial annual MSS revenues. The annual revenue from their total managed security services was a large part of their business.

■ A high total number of locations and/or IP addresses managed. Forrester considered the number of locations, and in some cases, the number of IP addresses, the provider managed.

■ A host of dedicated SOC analysts. The provider had a sizable number of analysts or engineers that spent at least 80% of their time dedicated to the provider’s managed security services.

Figure 2 Evaluated Vendors: Vendor Information And Selection Criteria

Source: Forrester Research, Inc.

Vendor

AT&T

CSC

Dell SecureWorks

Hewlett-Packard

IBM

Symantec

Trustwave

Verizon

Wipro

No. ofSOCs SOC locations

5

5

7

5

10

4

3

7

8

No. of largeMSS clients

(deal size $50k+)Portal

version

N/A

v3.0

N/A

v3.0

v7.64645

v5.0

N/A

v11.4

v1.3

AT&T Security Center

Pulse

Dell SecureWorks Customer Portal

HP MSSPortal.net

IBM Virtual Security Operations Center

Symantec Internet Interface (SII)

TrustKeeper

MSS Security Dashboard

Managed Security Services Customer Portal

Forrester estimate: 1,200+

Forrester estimate: 30+








N.J., US; N.C., US; Va., US; Bangalore, IN; MY

AU; IN; MY; UK; US

Atlanta, Ga., US; Chicago, Ill., US; Myrtle Beach, S.C., US; Plano, Texas, US; Providence, R.I., US; Edinburgh, UK; Noida, IN

US; UK; MY

Atlanta, Ga., US; Boulder, Colo., US; South�eld, MI., US; Toronto, CA; Brussels, BE; Hortolandia, BR; Wroclaw, PL; Bangalore, IN; Tokyo, JP; Brisbane, AU

Herndon, Va., US; Reading, UK; Chennai, IN; Sydney, AU

Chicago, Ill., US; Denver, Colo., US; Warsaw, PO

Ashburn, Va., US; Carey, N.C., US; Miami, Fla., US; Leuven, BE; Luxembourg, LU; Canberra, AU; Chennai, IN

Atlanta, Ga., US; Bangalore, IN; Chennai, IN (2); Greater Noida, IN; Mysore, IN; Pune, IN; Bucharest, RO

Portalevaluated




Figure 2 Evaluated Vendors: Vendor Information And Selection Criteria (Cont.)


Vendor selection criteria

Complete suite of managed security services. We looked for providers that o�ered a complete suite of managed security services.

Strong MSS presence in North America. A signi�cant portion of their managed security service revenue had to come from their clients in North America.

Signi�cant interest from Forrester customers. Forrester considered the level of interest from our clients based on our various interactions, including: inquiries, advisories, and RFP.

Large number of SOCs and their location. Forrester considered the number of SOCs providers had globally.

Substantial annual MSS revenues. The annual revenue from their total managed security services must have been a large part of their business.

Total number of locations and/or IP addresses managed. Forrester considered the number of locations, and, in some cases, the number of IP addresses the provider managed.

A host of dedicated SOC analysts. The number of analysts or engineers that spent at least 80% of their time dedicated to the provider’s managed security services.

eVaLuaTioN aNaLysis

All of the MSSPs reviewed for this research have the capabilities to become a strategic partner for their clients; however, some were quite simply better at execution. The Leaders were notably close in their scoring. We interpret this to mean that the Leaders understand equally what it means to be a successful MSSP and execute on that vision. The Strong Performers also had their list of strengths but did not rate as well in key areas such as client business alignment, advanced threat intelligence, and execution on client SLAs. In order to be a true partner, Forrester believes strong client business alignment, forward-thinking threat management, and excellent execution determine the ability of the MSSP to meet current and future demands that clients will ask of these service providers.

The evaluation uncovered a market in which (see Figure 3):

■ IBM, Dell SecureWorks, Symantec, Verizon, Trustwave, CSC, and AT&T are Leaders. These vendors demonstrated both breadth and depth in the services they offered. They offered different delivery models and a robust set of capabilities across the board and plan to heavily invest in their MSS offerings to make sure they remain competitive and advance in the marketplace.

■ HP and Wipro are Strong Performers. The Strong Performers all offer solid security services and are able to compete through content expertise and price. While not all of the features they




provide are at the level of the Leaders, clients looking to outsource and reduce their total cost of ownership should be sure to consider both of these companies.

This evaluation of the North American managed security services market is intended to be a starting point only. We encourage readers to view detailed product evaluations and adapt the criteria weightings to fit their individual needs through the Forrester Wave Excel-based vendor comparison tool.

Figure 3 Forrester Wave™: Managed Security Services: North America, Q1 2012


Go online to download

the Forrester Wave tool

for more detailed product

evaluations, feature

comparisons, and

customizable rankings.

Risky Bets Contenders Leaders

Strong Performers

Strategy Weak Strong

Currento�ering

Weak

Strong

Market presence

Full vendor participation

AT&T

CSC

Dell SecureWorks

HP

IBM

Symantec

Trustwave

Verizon

Wipro




Figure 3 Forrester Wave™: Managed Security Services: North America, Q1 2012 (Cont.)


AT&

T

CSC

Del

l Sec

ureW

orks

HP

IBM

Sym

ante

c

Trus

twav

e

Veriz

on

CURRENT OFFERING Value proposition Customer satisfaction Delivery capabilities Cloud and hosted services Infrastructure and perimeter Value-added services Content and application security Sta� dedicated to MSS

STRATEGY Innovation and thought leadership Growth plans MARKET PRESENCE Presence in the marketplace North American market presence Financials

3.823.003.403.653.854.004.903.504.50

3.883.754.00

4.705.004.704.40

Forr

este

r’sW

eigh

ting

50%10%25%15%10%10%10%

5%15%

50%50%50%

0%20%60%20%

3.783.004.203.453.654.104.454.003.30

4.134.254.00

2.343.001.703.60

4.124.603.604.103.904.055.003.504.50

4.505.004.00

4.465.004.703.20

3.153.002.902.903.303.103.804.003.10

3.253.503.00

4.283.804.404.40

4.174.603.804.654.554.054.954.003.35

4.505.004.00

4.705.004.704.40

4.083.603.503.804.854.254.755.004.25

4.505.004.00

4.225.004.702.00

3.644.603.003.904.303.404.753.502.85

4.254.504.00

2.403.002.800.60

4.004.202.604.554.753.804.903.005.00

4.384.754.00

4.343.804.703.80

Wip

ro

3.303.002.403.703.853.352.754.504.15

2.582.252.90

2.143.001.702.60

All scores are based on a scale of 0 (weak) to 5 (strong).

VeNdoR pRoFiLes

Leaders

■ IBM. IBM continues its reign as a top Leader in the MSS market. IBM assists clients at all spectrums of MSS maturity — ranging from helping security leaders make that initial pitch to upper executives with its Total Cost of Ownership tool to advanced analysis and correlation capabilities in near real time through its proprietary analytic engine. IBM provides flexible delivery capabilities and tight integration with client systems through a well-defined set of APIs and offers a greatly improved customer portal. Look to IBM for significant depth of technical expertise and broad SOC coverage.

■ Dell SecureWorks. SecureWorks remains a top player in the very competitive MSS market. Dell SecureWorks’ strongest asset is the quality of its analysts. SecureWorks’ correlation and logic




engine technology, as well as its Counter Threat Unit, provide clients with the latest emerging threats and ensure that suspicious activity is detected and reported immediately. Customers felt monitoring services were excellent; however, they identified a dip in customer support after the Dell acquisition. Dell is investing in the business, and in the right areas, to ensure it offers top-tier security services.

■ Symantec. Symantec remains a key player in the MSS market, offering excellent capabilities, especially in the fields of content and application security. Customers identified Symantec’s customer-centric focus and correlation features as positive attributes; they pointed to better communication between top management and line management as areas of improvement. Customers seeking strong technical expertise, solid correlation capabilities, and flexible product offerings should look closely at Symantec.

■ Verizon. Verizon is a top telecommunications provider with a very large North American presence, with more than 2,000 unique clients in the region. Verizon emphasizes the business value and cost-controlling aspects that it delivers through managed security services and helps clients allocate resources to the most critical assets through its enhanced risk-based correlation engine. Verizon employs one of the largest security teams in the market with an aggressive recruiting strategy. Companies searching for a full host of services with a focus on cost should strongly consider Verizon.

■ Trustwave. Trustwave is one of the lesser-known MSSPs in this Forrester Wave. The company continues to improve its services to remain a strong competitor in this market. Trustwave leverages its PCI expertise and strong monitoring capabilities to attract larger, enterprise customers. Trustwave has had some growing pains, however, especially in the areas of onboarding, but it has one of the best customer retention rates of all the providers, with more than 98% of clients renewing or extending their agreements. Those looking for a strong technical team and customizable services should be sure to consider Trustwave.

■ CSC. During the past couple of years, CSC has demonstrated a renewed commitment to its MSS offerings. CSC primarily focuses on existing IT customers and leverages its large consulting practice to identify suitable candidates for a managed model. CSC uses cost-benefit models to demonstrate the return on investment in its services, and it has one of the better portals in terms of flexibility and features that we tested. Customers identified its well-run SOCs and responsiveness as positive attributes for CSC. They pointed to log management and poorly defined SLAs as areas of improvement. CSC continues to invest heavily in its MSS offerings and will focus its resources on global threat intelligence.

■ AT&T. As a large, North American telecommunications provider, AT&T has one of the largest customer bases, with more than 1,200 unique customers in the region. AT&T has an aggressive threat intelligence program and scans more than 25 petabytes of data travelling over




its networks daily. AT&T focuses on threat detection with strong network infrastructure and perimeter defense offerings, including robust log monitoring and analysis features. Areas of improvement were its customer portal and reporting features. Customers identified the size of its network and corresponding security capabilities as strong positives.

strong performers

■ Hewlett-Packard. HP remains one of the largest players in the MSS market, in large part due to its ability to offer large, complete IT services packages as a managed offering. As a part of its IT services bundles, HP manages entire IT security environments and provides great economies of scale. HP excels in the areas of application security and value-added features, but other features such as next-generation firewalls and advanced analytics lag behind other providers. Rigid contracts are an improvement area. Strengths are strong data centers and account management.

■ Wipro. Wipro’s focus on its offshore delivery model enables it to offer a solid set of security services at a very competitive price point. It has a broad list of security capabilities, and it helps clients outsource some key operational aspects of security. In some of the technical areas, such as content and application security, Wipro offers some of the better services we evaluated. Customer references identified flexible resources and cost-effectiveness as positive attributes for Wipro, but highlighted its tendency to over-commit and over-promise as an area for improvement. Some of its services are less advanced, but Wipro remains a great option for companies looking to reduce operational costs.

suppLeMeNTaL MaTeRiaL

online Resource

The online version of Figure 3 is an Excel-based vendor comparison tool that provides detailed product evaluations and customizable rankings.

data sources used in This Forrester Wave

Forrester used a combination of three data sources to assess the strengths and weaknesses of each solution:

■ Vendor surveys. Forrester surveyed vendors on their capabilities as they relate to the evaluation criteria. Once we analyzed the completed vendor surveys, we conducted vendor calls where necessary to gather details of vendor qualifications.

■ Portal demos. We asked vendors to conduct demonstrations of their portal’s functionality. We used findings from these product demos to validate details of each vendor’s product capabilities.




■ Customer reference calls. To validate product and vendor qualifications, Forrester also conducted reference calls with two of each vendor’s current customers.

The Forrester Wave Methodology

We conduct primary research to develop a list of vendors that meet our criteria to be evaluated in this market. From that initial pool of vendors, we then narrow our final list. We choose these vendors based on: 1) product fit; 2) customer success; and 3) Forrester client demand. We eliminate vendors that have limited customer references and products that don’t fit the scope of our evaluation.

After examining past research, user need assessments, and vendor and expert interviews, we develop the initial evaluation criteria. To evaluate the vendors and their products against our set of criteria, we gather details of product qualifications through a combination of lab evaluations, questionnaires, demos, and/or discussions with client references. We send evaluations to the vendors for their review, and we adjust the evaluations to provide the most accurate view of vendor offerings and strategies.

We set default weightings to reflect our analysis of the needs of large user companies — and/or other scenarios as outlined in the Forrester Wave document — and then score the vendors based on a clearly defined scale. These default weightings are intended only as a starting point, and we encourage readers to adapt the weightings to fit their individual needs through the Excel-based tool. The final scores generate the graphical depiction of the market based on current offering, strategy, and market presence. Forrester intends to update vendor evaluations regularly as product capabilities and vendor strategies evolve.

eNdNoTes1 Forrester discussed the growing managed security services (MSS) market in Q1 2010 and highlighted

that one in four security organizations outsourced their email filtering. See the March 10, 2010, “Market Overview: Managed Security Services” report.

2 Source: Forrsights Security Survey, Q2 2011.

3 Today’s chief information security officers (CISOs) continue to concentrate too much on tactical activities and day-to-day security operations, unable to escape the reactionary hamster wheel. Additionally, businesses and other parts of IT routinely circumvent today’s security organization in order to innovate and avoid hearing the predicted “no” response. So despite all the sensational headlines about major security breaches, many CISOs find themselves marginalized by their business colleagues. In this report, Forrester details what CISOs can do to realign with their businesses and transform themselves into chief business security officers, reasserting their position with management, the board, and the company as a whole. See the February 14, 2012, “Navigate The Future Of The Security Organization” report. Additionally, the global downturn has negatively affected security budgets for several years now, and chief information security







officers (CISOs) have become accustomed to accommodating increasing responsibilities with minimal change to resource levels. See the December 15, 2011, “2012 Budget And Planning Guide For CISOs” report.

4 Source: Forrsights Security Survey, Q2 2011.

5 The information security threat landscape is changing rapidly, and many security organizations are struggling to keep up with the changing nature, complexity, and scale of attacks. This dynamic landscape will not stabilize. As security managers struggle to keep up with this changing landscape and develop capabilities for handling new attacks, the attacks themselves will adapt to bypass new controls. The attacks of 2011 teach us that the threat landscape is not evolving but rapidly mutating as attackers find ever-more devious ways of bypassing security controls. See the November 1, 2011, “Updated Q4 2011: The New Threat Landscape — Proceed With Caution” report.




Forrester Research, Inc. (nasdaq: FORR) is an independent research company that provides pragmatic and forward-thinking advice to global leaders in business and technology. Forrester works with professionals in 19 key roles at major companies providing proprietary research, customer insight, consulting, events, and peer-to-peer executive programs. For more than 28 years, Forrester has been making IT, marketing, and technology industry leaders successful every day. For more information, visit www.forrester.com. 57682

«

Forrester Focuses OnSecurity & Risk Professionals

To help your firm capitalize on new business opportunities safely,

you must ensure proper governance oversight to manage risk while

optimizing security processes and technologies for future flexibility.

Forrester’s subject-matter expertise and deep understanding of your

role will help you create forward-thinking strategies; weigh opportunity

against risk; justify decisions; and optimize your individual, team, and

corporate performance.

Sean RhodeS, client persona representing Security & Risk Professionals

About ForresterA global research and advisory firm, Forrester inspires leaders,

informs better decisions, and helps the world’s top companies turn

the complexity of change into business advantage. Our research-

based insight and objective advice enable IT professionals to

lead more successfully within IT and extend their impact beyond

the traditional IT organization. Tailored to your individual role, our

resources allow you to focus on important business issues —

margin, speed, growth — first, technology second.

foR moRe infoRmation

To find out how Forrester Research can help you be successful every day, please contact the office nearest you, or visit us at www.forrester.com, For a complete list of worldwide locations, visit www.forrester.com/about.

Client SuppoRt

For information on hard-copy or electronic reprints, please contact Client Support at +1 866.367.7378, +1 617.613.5730, or [email protected]. We offer quantity discounts and special pricing for academic and nonprofit institutions.

mailto:[email protected]

www.forrester.com