Incident Response And Digital Forensics Services Market Size and Share
Incident Response And Digital Forensics Services Market Analysis by Mordor Intelligence
The incident response and digital forensics services market size reached USD 55.94 billion in 2025 and is forecast to touch USD 144.90 billion by 2030, advancing at a 20.97% CAGR. Expanding ransomware campaigns, tougher breach-reporting rules, and widening operational-technology attack surfaces are propelling service demand as boards move from reactive to preventative spending. Mandated 24-hour notification windows under regulations such as the NIS2 Directive and parallel cyber-insurance clauses that require retained incident response partners are tilting preference toward specialized providers. Platform vendors are embedding artificial-intelligence tooling into forensics workflows, accelerating time to containment while reducing analyst fatigue. Geographic growth is broad-based, although the Asia-Pacific corridor is outpacing established regions on the back of rapid cloud adoption and fresh data-protection statutes. Continued consolidation signals that buyers favor integrated ecosystems able to bundle detection, response, and legal support within a single commercial construct.
Key Report Takeaways
- By service type, incident-response retainer offerings held 32.2% of the incident response and digital forensics services market share in 2024, while managed detection and response is projected to log the highest 26.5% CAGR through 2030.
- By deployment mode, on-premises solutions commanded 52.3% share of the incident response and digital forensics services market size in 2024; cloud deployment is forecast to grow at a 25.8% CAGR over the same period.
- By end-user industry, banking, financial services, and insurance accounted for 24.1% revenue in 2024, whereas healthcare and life sciences are expected to expand at a 24.2% CAGR to 2030.
- By organization size, large enterprises represented 64.3% of the incident response and digital forensics services market size in 2024; small and medium enterprises are advancing at a 28.1% CAGR to the end of the decade.
- By geography, North America led with a 39.2% share in 2024, while Asia-Pacific is set to record the fastest 24.9% CAGR during the outlook period.
Global Incident Response And Digital Forensics Services Market Trends and Insights
Drivers Impact Analysis
| Driver | (~) % Impact on CAGR Forecast | Geographic Relevance | Impact Timeline |
|---|---|---|---|
| Surge in frequency and sophistication of cyber-attacks | +6.2% | Global | Short term (≤ 2 years) |
| Stringent data-protection / breach-reporting regulations | +4.8% | North America and the EU | Medium term (2-4 years) |
| Growing adoption of cyber-insurance requires IR retainers | +3.5% | North America, expanding to Asia-Pacific | Medium term (2-4 years) |
| Board-level ESG accountability driving proactive IR | +2.7% | Global, concentrated in developed markets | Long term (≥ 4 years) |
| OT / ICS attack-surface expansion in critical industries | +2.1% | Global, emphasis on manufacturing hubs | Medium term (2-4 years) |
| XDR platform bundling of incident-response services | +1.8% | Global | Short term (≤ 2 years) |

Source: Mordor Intelligence
Surge in Frequency and Sophistication of Cyber-Attacks
Latin American organizations encountered 40% more attacks than the global average in 2024, and global ransomware deployments climbed outside business hours in 76% of cases to maximize disruption. Attackers rely on valid credentials 71% more often than the prior year, shifting defense priorities toward identity controls [1] (IBM X-Force, “2024 Threat Intelligence Index,” ibm.com). Financial institutions remain priority targets, yet manufacturing now faces the highest ransomware load as downtime translates directly to revenue loss. Hybrid threat actors that blend state sponsorship with organized crime complicate attribution, demanding deeper forensics to separate espionage from financially motivated campaigns. These factors collectively accelerate deal flow for specialized response teams capable of swift containment across IT and operational-technology estates.
Stringent Data-Protection and Breach-Reporting Regulations
The NIS2 Directive expands coverage to 18 critical sectors and threatens fines of up to EUR 10 million (USD 10.9 million) or 2% of turnover for late disclosure. In the United States, new Securities and Exchange Commission rules compel listed firms to publish material incident details and demonstrate board oversight. Healthcare entities must also reconcile HIPAA requirements against mounting ransomware campaigns aimed at patient data. Data-localization statutes in China and Russia add complexity by restricting evidence transfer, thereby elevating demand for regional digital forensics capacity. Overall, regulations compress reporting timelines, raise the cost of non-compliance, and push even conservative enterprises toward pre-arranged response agreements.
Growing Adoption of Cyber-Insurance Requiring IR Retainers
Global cyber-insurance premiums are projected to hit USD 29 billion by 2027 as carriers tighten underwriting standards. Policy issuers now insist on formal incident-response retainers, recognizing that rapid intervention curbs loss severity. Asia-Pacific premium growth is running near 50% annually, reflecting broad first-time adoption among mid-market firms. Parametric insurance designs offer instant payouts after verified events, lowering claims friction and encouraging wider uptake. Together, these trends enlarge the addressable market for providers capable of combining legal, technical, and brokerage liaison roles within an integrated service stack.
Board-Level ESG Accountability Driving Proactive IR
Two-thirds of global enterprises intend to invest in artificial intelligence for security, driven partly by investor pressure linking cyber resilience to governance metrics [2] (Cybersecurity and Governance Team, “Emerging GRC Trends in Risk Management 2025,” cycoresecure.com). The compliance-as-a-service segment is similarly expanding, indicating rising comfort with outsourcing governance controls. Directors in regulated industries now face personal liability for oversight lapses, converting cybersecurity from an IT expense to an existential business risk. Remuneration packages increasingly embed incident-response readiness targets, incentivizing early detection tooling and tabletop exercises. This cultural shift moves procurement discussions from cost minimization toward demonstrable resilience, benefiting providers that supply measurable response-time improvements.
Restraints Impact Analysis
| Restraint | (~) % Impact on CAGR Forecast | Geographic Relevance | Impact Timeline |
|---|---|---|---|
| Shortage of skilled DFIR professionals | -2.8% | Global, acute in developing markets | Long term (≥ 4 years) |
| High cost of advanced DFIR tools and services | -1.9% | Emerging markets, SME segment | Medium term (2-4 years) |
| Encryption and zero-trust are complicating evidence collection | -1.4% | Global, concentrated in regulated industries | Medium term (2-4 years) |
| Cross-border data-seizure and jurisdictional conflicts | -1.2% | Global, emphasis on multi-national operations | Long term (≥ 4 years) |

Source: Mordor Intelligence
Shortage of Skilled DFIR Professionals
Digital forensics and incident response roles demand cross-disciplinary fluency in law, malware analysis, and evidence handling. Talent supply lags because tertiary programs are slow to adapt curricula covering cloud forensics, AI-assisted workflows, and multijurisdictional legal norms. Salary inflation follows, putting smaller providers at a disadvantage and lengthening engagement start times for clients in developing economies. High attrition rates also erode knowledge continuity, driving firms to automate preliminary triage wherever possible. Despite scholarship incentives, the pipeline is unlikely to close within the forecast horizon.
High Cost of Advanced DFIR Tools and Services
Sophisticated memory-forensics suites, threat-hunting platforms, and secure evidence vaults involve sizeable capital outlays plus ongoing license renewals. Small enterprises often postpone investment until after an incident, at which point recovery costs outweigh prior savings. Cloud-hosted evidence labs reduce some infrastructure expense, yet the most sensitive data sets still require on-premises processing under sovereignty mandates. Tiered managed-service offerings have improved affordability but introduce variability in response speed and depth. As a result, price sensitivity remains a barrier in budget-constrained verticals, moderating overall market velocity.
Segment Analysis
By Service Type – Retainers Underpin Preparedness While MDR Scales Faster
Incident-response retainer engagements accounted for 32.2% of the incident response and digital forensics services market size in 2024, reflecting enterprises’ preference for standing agreements that guarantee specialist availability during crises. Larger policy excesses in cyber-insurance contracts effectively push organizations toward retainers so that qualified responders can be mobilized within contractual notification windows. Adoption of managed detection and response, however, is cresting at a 26.5% CAGR as continuous telemetry ingest and automated response functions prove their worth in containing lateral movement. Across the next five years, providers integrating retainer structures with MDR subscriptions are likely to outperform those offering either discipline in isolation, particularly when augmented by legal and breach-coaching add-ons.
Digital forensics and investigation practices hold steady demand, powered by heightened evidentiary standards that insist on meticulous chain-of-custody documentation. Compromise-assessment and advanced threat-hunting engagements thrive when boards desire assurance following supply-chain intrusions or geopolitical flashpoints. A niche but growing cohort of legal, regulatory, and litigation-support specialists now advises on cross-border evidence transfers under varied data-privacy laws, ensuring that collected artifacts remain admissible. AI-augmented triage shortens dwell-time assessment cycles, freeing human analysts for hypothesis formulation and testimony preparation.
By Deployment Mode – Cloud Uptake Pressures On-Premises Dominance
On-premises deployments retained 52.3% of the incident response and digital forensics services market share in 2024, sustained by sovereign data directives that oblige sensitive log storage within national borders. Financial services and defense agencies exemplify this stance, often running dedicated evidence labs inside secure facilities. Even so, cloud-hosted response frameworks are expanding at a 25.8% CAGR as encryption-in-use technologies and regional cloud zones address prior compliance roadblocks. Enterprises migrating workloads to multi-cloud architectures now prefer incident response platforms that scale elastically across geographic clusters.
Hybrid models are gaining favor because they permit local acquisition of volatile memory images while delegating heavy analytics to cloud-based sandboxes. Providers offering seamless transitions between environments mitigate latency during global investigations and cut infrastructure duplication. Cloud-native platforms also embed AI correlation engines that pivot across billions of telemetry points in minutes, an advantage difficult to replicate within constrained on-premises footprints. Accordingly, procurement teams are reevaluating ownership models, shifting capital budgets toward subscription-based cloud tooling that aligns cost with threat intensity.
By Organization Size – SME Adoption Accelerates Democratization
Large enterprises accounted for 64.3% of the incident response and digital forensics services market share in 2024, leveraging scale to negotiate multi-year retainer discounts and guarantee 24-hour on-site response. They regularly stage cross-departmental exercises, incorporating public relations and legal counsel into simulations. Small and medium enterprises show the fastest trajectory with 28.1% CAGR through 2030 as regulatory expectations and supply-chain mandates extend downstream. Insurance brokers increasingly refuse coverage unless proof of an incident response plan is presented at renewal, nudging SMEs toward managed-service contracts.
Budget constraints prompt SMEs to favor pay-as-you-go retainers and remote triage capabilities, avoiding the overhead of permanent security-operations staff. Providers that offer modular service tiers—such as evidence preservation only or ransom-negotiation advisory—unlock adoption among firms with tight margins. Educational grants and government subsidies in several economies aim to defray first-year retainer costs, fostering wider ecosystem resilience. Despite gains, SMEs still underperform large organizations in tabletop-drill frequency and log retention, leaving a sizable addressable gap.
By End-User Industry – Healthcare Momentum Challenges BFSI Primacy
Banking, financial services, and insurance organizations captured 24.1% of the incident response and digital forensics services market size in 2024, underpinned by mandatory penetration testing and baseline response-time metrics in prudential regulations. Threat actors prize payment data and real-time settlement platforms, necessitating layered response protocols that include coordinated law-enforcement notifications. Healthcare and life sciences entities, however, are projected to expand expenditure at a 24.2% CAGR as ransomware groups exploit critical-care urgency to extract larger payouts. Medical device interconnectivity increases the stakes, making downtime a patient-safety issue and elevating board oversight.
Manufacturing confronts a surge in operational-technology incursions where production stoppages translate into direct revenue loss. IT and telecom service providers face cascading obligations to shield downstream customer networks, while retail and e-commerce merchants tighten fraud analytics to protect brand loyalty. Energy and utilities operators are under heightened scrutiny as new critical-infrastructure lists expand beyond traditional power grids to include water treatment and renewables. These verticals prioritize response playbooks that blend cyber and physical incident scenarios, increasing demand for multidisciplinary engagement teams.
Geography Analysis
North America’s 39.2% revenue share in 2024 mirrors a mature cyber-insurance market and prescriptive regulations covering publicly traded firms and critical-infrastructure operators. Federal incident-reporting frameworks supply structured threat data that enrich provider analytics, reinforcing a virtuous cycle of improved detection efficacy. Canada benefits from bilateral intelligence-sharing pacts with the United States, while Mexico’s manufacturing corridor is onboarding retainer services to satisfy foreign parent-company directives.
Asia-Pacific is advancing at a 24.9% CAGR as governments implement data-protection laws that mirror European strictness, yet must contend with region-specific language and cultural nuances [3] (Commonwealth Cyber Journal, “Cybercrime in the Asia-Pacific Region,” commonwealth.int). China’s local-partner requirements restrict external providers, giving domestic firms an early-mover advantage. India’s policy drive toward critical information infrastructure protection underpins uptake among energy and telecom operators. Japan and South Korea channel subsidies into industrial-control incident labs following high-impact disruptions in semiconductor fabrication lines.
Europe’s harmonized NIS2 regime tightens requirements across 27 member states, boosting demand for multi-lingual response teams able to navigate divergent prosecutorial procedures. The United Kingdom registers the continent’s highest incident count, making it a bellwether for cross-sector best practices. Latin America confronts escalating threat volumes—40% above world averages—forcing local banks and utilities to engage international responders. Middle East and Africa markets remain younger but record strong policy momentum as national cyber-authorities roll out sovereign-cloud mandates and incident-coordination centers.
Competitive Landscape
The incident response and digital forensics services market is moderately fragmented yet trending toward consolidation as scale becomes critical for global coverage and AI-driven analytics. CrowdStrike, with annual recurring revenue above USD 4 billion, integrates automated triage into its Falcon platform, delivering sub-hour containment for credential-based breaches [4] (CrowdStrike Holdings, “Q1 FY 2026 Financial Results,” crowdstrike.com). Sophos’s USD 859 million absorption of Secureworks broadens managed detection offerings and embeds extended detection and response modules across the product stack. LevelBlue’s purchase of Trustwave produces a top-tier independent managed-security champion with federal authorization, underscoring the importance of compliance credentials in competitive bidding.
Platform convergence is evident as cloud infrastructure vendors embed incident response playbooks within native security suites, creating fresh tension for pure-play boutiques. Zscaler’s proposed acquisition of Red Canary aims to unite Zero Trust connectivity with seasoned threat-hunting skills, illustrating a move toward one-contract coverage of prevention and response disciplines. Artificial-intelligence innovation shapes differentiation: Belkasoft’s offline AI assistant accelerates artifact triage without breaching data-sovereignty rules. Meanwhile, Palo Alto Networks is poised to enlarge its AI security portfolio through its pending Protect AI transaction.
Mid-market managed-service providers continue to be absorbed as larger players chase geographic reach and vertical expertise. This roll-up trend often improves service-level availability by pooling incident-response teams across follow-the-sun shifts. However, integration complexity can stall tool rationalization, leaving customers temporarily navigating mixed portals. Overall, sustained double-digit growth ensures room for niche specialists with proprietary tooling, especially in digital forensics subdomains such as industrial control malware reverse-engineering or litigation advisory for cross-border data disputes.
Incident Response And Digital Forensics Services Industry Leaders
- Mandiant LLC
- CrowdStrike Holdings Inc.
- IBM Corporation
- Secureworks Inc.
- Kroll LLC

*Disclaimer: Major Players sorted in no particular order
Recent Industry Developments
- July 2025: LevelBlue completed its acquisition of Trustwave, forming the largest independent managed security service provider with expanded federal market access.
- May 2025: Zscaler signed a definitive agreement to acquire Red Canary, adding managed detection and response depth to its Zero Trust architecture.
- April 2025: Palo Alto Networks entered advanced talks to purchase Protect AI for USD 650-700 million, targeting AI security enhancements.
- March 2025: CrowdStrike and NVIDIA unveiled Charlotte AI Detection Triage, doubling triage speed while slashing compute needs by 50%.
Global Incident Response And Digital Forensics Services Market Report Scope
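| Segmentation | Segment | Sub-segment | Further breakdown |
|---|---|---|---|
| By Service Type | Digital Forensics and Investigation | | |
| By Service Type | Incident-Response Retainer | | |
| By Service Type | Advanced Threat-Hunting and Compromise Assessment | | |
| By Service Type | Managed Detection and Response (MDR) / Managed IR | | |
| By Service Type | Legal, Regulatory and Litigation Support | | |
| By Deployment Mode | On-Premises | | |
| By Deployment Mode | Cloud | | |
| By Deployment Mode | Hybrid | | |
| By Organization Size | Large Enterprises | | |
| By Organization Size | Small and Medium Enterprises | | |
| By End-User Industry | BFSI | | |
| By End-User Industry | Government and Defense | | |
| By End-User Industry | Healthcare and Life Sciences | | |
| By End-User Industry | IT and Telecom | | |
| By End-User Industry | Manufacturing | | |
| By End-User Industry | Retail and e-Commerce | | |
| By End-User Industry | Energy and Utilities | | |
| By End-User Industry | Others | | |
| By Geography | North America | United States | |
| By Geography | North America | Canada | |
| By Geography | North America | Mexico | |
| By Geography | South America | Brazil | |
| By Geography | South America | Argentina | |
| By Geography | South America | Rest of South America | |
| By Geography | Europe | United Kingdom | |
| By Geography | Europe | Germany | |
| By Geography | Europe | France | |
| By Geography | Europe | Italy | |
| By Geography | Europe | Spain | |
| By Geography | Europe | Russia | |
| By Geography | Europe | Rest of Europe | |
| By Geography | Asia-Pacific | China | |
| By Geography | Asia-Pacific | India | |
| By Geography | Asia-Pacific | Japan | |
| By Geography | Asia-Pacific | South Korea | |
| By Geography | Asia-Pacific | Southeast Asia | |
| By Geography | Asia-Pacific | Rest of Asia-Pacific | |
| By Geography | Middle East and Africa | Middle East | Saudi Arabia |
| By Geography | Middle East and Africa | Middle East | United Arab Emirates |
| By Geography | Middle East and Africa | Middle East | Turkey |
| By Geography | Middle East and Africa | Middle East | Rest of Middle East |
| By Geography | Middle East and Africa | Africa | South Africa |
| By Geography | Middle East and Africa | Africa | Nigeria |
| By Geography | Middle East and Africa | Africa | Egypt |
| By Geography | Middle East and Africa | Africa | Rest of Africa |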
Key Questions Answered in the Report
What is the expected value of the incident response and digital forensics services market in 2030?
Forecasts indicate USD 144.90 billion by 2030, rising at a 20.97% CAGR.
Which service type is growing the fastest within this space?
Managed detection and response is advancing at a 26.5% CAGR due to continuous monitoring demand.
Why are Asia-Pacific organizations increasing spending on incident response?
Rapid digitization, new data-protection laws, and surging attack volumes are driving a 24.9% CAGR in regional outlays.
How do cyber-insurance requirements influence procurement decisions?
Many insurers mandate pre-arranged response retainers, making such contracts a prerequisite for policy approval and premium discounts.
What factor most limits adoption among small and medium enterprises?
The combined burden of tool licensing costs and limited access to skilled digital-forensics staff slows uptake, despite rising threat pressure.