Cybersecurity Vendor Research Is Broken - Richard Stiennon Built a Fix

BIRMINGHAM- For CISOs and CIOs, cybersecurity vendor research has quietly become one of the most expensive inefficiencies inside the enterprise.

Security architects lose weeks buried in Google searches. Analysts build sprawling spreadsheets that are outdated almost as soon as they’re finished. Vendor shortlists are shaped less by market reality than by which sales teams get in front of buyers first.

That inefficiency isn’t just frustrating — it’s costly.

In this MITechNews interview, Richard Stiennon, founder of IT-Harvest, explains why most cybersecurity buying processes are structurally broken — and how he built a platform to fix it.

“The vendors know you don’t have time to find alternatives,” Stiennon said.
“So they pitch whatever they want, at whatever price they want.”

Two Decades of Cybersecurity Market Intelligence

Stiennon has tracked the cybersecurity industry for more than 20 years, long before today’s explosion of overlapping tools, categories, and buzzwords. For the past six years, that work has been published in an annual industry book cataloging the global cybersecurity market.

More recently, he transformed that research into a live intelligence platform: the IT-Harvest Dashboard.

Today, the dashboard tracks:

Approximately 5,000 cybersecurity companies worldwide
More than 12,000 individual security products
Hundreds of functional categories based on what tools actually do — not how they’re marketed

Instead of static lists or rankings, IT-Harvest provides a continuously updated map of the cybersecurity ecosystem.

How the IT-Harvest Dashboard Works

As Stiennon explains in the interview, the dashboard is not a ranking system and not a pay-to-play analyst report.

It is a searchable, structured research platform that allows security leaders to:

Search by security problem, not vendor name
Instantly see all vendors operating in a category
Identify overlap and redundancy across existing tools
Discover alternatives before engaging sales teams

What once required weeks of internal labor can now be done in minutes.

“Hiring just one cybersecurity professional to do continuous vendor research can easily exceed $200,000 a year once salary and benefits are included. IT-Harvest turns that effort into a shared, on-demand capability for a fraction of the cost.”
— Richard Stiennon

The Cost Comparison CISOs Understand

Stiennon encourages security leaders to think beyond software pricing alone.

Hiring a single experienced cybersecurity professional focused on vendor research can easily top $200,000 per year once salary, benefits, and overhead are factored in — and even then, market knowledge remains concentrated in one role.

Commissioning custom research from firms like Gartner Group can also exceed $100,000, depending on scope, frequency, and analyst access.

By comparison, an annual subscription to the IT-Harvest Dashboard costs $17,000.

For many organizations, the platform complements internal staff while dramatically reducing time spent on manual research. Vendor discovery becomes a repeatable, shared capability, not a recurring bottleneck.

Why CISOs and CIOs Care

For senior security and IT leaders, the value isn’t convenience — it’s control.

The dashboard supports:

Stronger leverage during vendor negotiations
Clearer visibility into crowded and overlapping markets
Faster architecture and consolidation decisions
More defensible, data-backed board discussions

Instead of reacting to vendor pressure, teams gain situational awareness.

Breaking the Research Bottleneck

Stiennon describes what he calls the research bottleneck — the moment teams stop evaluating options not because they’ve found the best solution, but because time has run out.

“How many hours did your team spend on vendor research last month?” he asks.
“I already know the answer. Too many.”

The IT-Harvest Dashboard is designed to break that cycle.

What used to take weeks now takes minutes.