Cybersecurity in the Public Sector Intensifies due to Escalating Cyber Threats, According to ISG
The U.S. public sector is beefing up its cybersecurity defences, according to a new report by Information Services Group (ISG). The 2025 ISG Provider Lens Cybersecurity-Services and Solutions report for the U.S. Public Sector evaluates the capabilities of 86 providers, highlighting the top players in the field.
The report names IBM as a Leader in five quadrants, with Accenture, Capgemini, Deloitte, EY, HCLTech, and Infosys each recognised as Leaders in three quadrants. Broadcom, Fortinet, KPMG, Microsoft, Palo Alto Networks, and Unisys are Leaders in two quadrants, while Cato Networks, Check Point Software, Cisco, CrowdStrike, CyberArk, Forcepoint, Leidos, ManageEngine, Netskope, Okta, One Identity (OneLogin), Ping Identity, SailPoint, Saviynt, SentinelOne, Trellix, Trend Micro, Versa Networks, and Zscaler are named as Leaders in one quadrant each.
PwC, meanwhile, stands out as the global ISG Customer Experience (CX) Star Performer for 2025 among cybersecurity service and solution providers, indicating high customer satisfaction.
The comprehensive evaluation covers six major cybersecurity service quadrants specific to the U.S. public sector: Identity and Access Management (IAM), Extended Detection and Response (XDR), Security Service Edge (SSE), Technical Security Services, Strategic Security Services, and Next-Gen Security Operations Center / Managed Detection and Response (SOC/MDR) Services.
The report underscores the importance of these service providers in the U.S. public sector's cybersecurity and resilience, demonstrating return on investment and helping agencies meet strict compliance requirements.
Federal, state, and local agencies in the U.S. public sector face increasingly sophisticated attackers targeting critical infrastructure and citizen data. In response, many public-sector agencies are adopting managed detection and response services due to internal resource constraints.
The report also explores global cybersecurity technology trends, including the increasing adoption of Identity and Access Management (IAM), extended detection and response (XDR), and security service edge (SSE). Agencies are also deploying cloud security posture management and workload protection platforms to protect sensitive applications across distributed systems.
Moreover, the report suggests that risks to the public sector arise from supply chain issues and the convergence of IT and OT systems. To combat these threats, organisations are using AI tools to enhance threat detection and conduct predictive analysis in their cybersecurity efforts.
In the area of customer experience, PwC is named the global ISG CX Star Performer for 2025 among cybersecurity service and solution providers. BeyondTrust, HPE (Aruba), Sophos, and Wipro are named as Leaders in one quadrant each. Leidos is named as a Rising Star in two quadrants.
The report is available to subscribers or for one-time purchase on the provided webpage. A customized version of the report is available from Unisys. An early notification system prevented a major ransomware attack against transportation infrastructure in the U.S. in 2023, underscoring the crucial role service providers play in the U.S. public sector's cybersecurity.
- The U.S. public sector is leveraging technology, particularly cybersecurity solutions, to bolster their defenses, as demonstrated by IBM's leadership in five quadrants in the 2025 ISG Provider Lens Cybersecurity-Services and Solutions report.
- As the federal, state, and local agencies in the U.S. public sector grapple with increasingly sophisticated cyberattacks, they are adopting technology trends such as Identity and Access Management (IAM), extended detection and response (XDR), and security service edge (SSE) to fortify their systems and comply with strict regulations.
