Yohay Etsion

How I got here

I spent 17 years inside two product organisations before I started writing about the cyber market from the outside.

At NICE I ran product for the analytics and customer-experience portfolio. At Cognyte (the security intelligence business that spun out of Verint) I led product across the platform. Across both companies I owned roughly 30-person product organisations and roughly USD 200M of portfolio scope. I sat across the table from hundreds of enterprise buyers, sold into governments and regulated verticals, and shipped products that ran in production at scale.

What I learned, over and over, is that the buyer conversation about a category is almost never the conversation the vendor-marketing layer is having. The research on this site is what I would have wanted to read when I was the buyer, the seller, and the product builder, in the same week.

What I have written

Leading the Charge is my book on running modern product organisations. It is published and available. The argument: product leadership is a set of operating disciplines, not a personality, and the disciplines are teachable.

Vision to Value is forthcoming in 2026. It is the field manual for turning a product strategy into a system that compounds across quarters instead of resetting every planning cycle. It draws on the same operating patterns I used at NICE and Cognyte.

Both books inform the research voice on this site. The cyber-market reports are not journalism. They are operator analysis grounded in the same patterns the books cover.

What this research is, and what it is not

ProductBeacon Research is open-web research. Every claim in every chapter cites a public source. No vendor sponsors the work. No analyst-relations team previews the chapters. The Verifiable Proxy Rule (see the methodology page) means every Pattern Claim can be falsified by a named, public event.

What the research deliberately does not cover:

• Private financials of pre-IPO vendors beyond what their public filings, customer disclosures, or named press coverage reveal. We do not infer ARR from headcount or guess at burn rates.
• Identity, endpoint, network, and SOC categories. The four chapters (IRM, DLP, DSPM, and the Convergence Synthesis) are bounded by design. Adjacent categories will get their own research surface when warranted.
• Vendor product roadmaps under NDA. If a roadmap detail is not on a public earnings call, a customer-facing keynote, or a regulatory filing, it is not in the report.
• Geographies outside North America and Europe. APAC and LATAM cyber dynamics are sufficiently different that they deserve their own treatment, not a footnote.

Biases worth naming: my operator background is enterprise-software, not pure-play security. I read the category through a product-organisation lens, not a threat-intel lens. Readers who want red-team-grounded analysis should treat this site as a complement, not a substitute.

Disclosure

I serve as Head of Product (Fractional) at AXIA, a data-loss-prevention vendor. The DLP chapter of this report covers the DLP category, which includes AXIA. The other three chapters do not. Coverage, ranking, and pattern claims in every chapter are mine alone; AXIA had no editorial input and no review rights, and no vendor pays for inclusion or placement. Sources, citations, and methodology are open at /research/methodology.

Research questions

Research questions: [email protected]

I read every message. I do not run a sales motion off this address. If you are an analyst, operator, or buyer with a question about the methodology or a specific Pattern Claim, this is the right channel.

Where to start

• Pre-Call Briefing Pack. 60-minute pre-read. Three Pattern Claims, three buyer choices, the falsifiable tests behind each. /research/state-of-cyber-2026/pre-call-brief.html
• Report Digest. 14-page chapter-by-chapter synthesis. /research/state-of-cyber-2026/synthesis.html
• The four chapters. Insider Risk Management, Data Loss Prevention, Data Security Posture Management, and the Convergence Synthesis. /research/state-of-cyber-2026/
• Methodology. Sourcing rules, the Verifiable Proxy Rule, refresh cadence, disclosure framework. /research/methodology.html