In the past, enterprise cybersecurity responsibilities were tilted toward oversight rather than hands-on operations and technology procurement. Security analysts were counted on for incident detection and response, but aside from this function CISOs helped organizations develop and enforce the right policies. Meanwhile, functional IT groups selected, deployed, and operated security products.\u00a0Take network security for example. A few years ago, there was a pretty common division of labor \u2013 security professionals defined requirements and the networking team purchased and operated network security technologies like firewalls, proxy servers, and IDS\/IPS.\u00a0That was then, this is now, and things are changing quickly. ESG research indicates that 47% of enterprise organizations (i.e. more than 1,000 employees) now have a dedicated network security group responsible for the whole enchilada (note: I am an ESG employee). The most important aspect of this transition is that this group ultimately reports to the CISO and not the VP of network operations.Beyond network security, many CISOs are establishing a new group of security intelligence\/malware\/threat management\/forensic\/SOC experts that ESG has dubbed the \u201ccybersecurity cavalry.\u201d The cybersecurity cavalry is made up of highly skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier. In other words, the cybersecurity cavalry has the authority, skills, and budgets to take all reasonable actions necessary to prevent, detect, and respond to attacks.\u00a0Given this responsibility, the cybersecurity cavalry is being given ownership of territory previously owned by other security and functional IT groups. To be more specific, this authority includes elements of network security (NGFW, anti-malware gateways, SSL decryption, etc.), endpoint security (advanced anti-malware tools, endpoint forensics), and all of security analytics (SIEM, network forensics, endpoint forensics, threat intelligence, etc.). In most cases, the cybersecurity cavalry isn\u2019t concerned with legacy technologies already in place. On the contrary, it is building a new technology infrastructure from the ground up, specifically designed to block, uncover, and thwart cybersecurity attacks as quickly as possible.\u00a0Based upon numerous discussions I\u2019ve had with CISOs, the cybersecurity cavalry isn\u2019t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I\u2019ve also seen financial services, defense contractors, and retail organizations giving CISOs the cybersecurity equivalent of eminent domain, allowing them to commandeer IT segments, sound alarm bells, and establish active network policy enforcement actions to improve threat response \u2013 even if these actions may temporarily disrupt business operations. This type of authority was unheard of in the past.\u00a0The burgeoning cybersecurity cavalry model is impacting the market landscape in several ways:Network security is tilting away from the network toward security. Given the cybersecurity cavalry\u2019s influence, network security technologies are gaining independence from the networking team and its switching\/routing companions. This is a major shift from past behavior that favors security arms dealers like Blue Coat, Check Point, FireEye, Fortinet, IBM, McAfee, Palo Alto Networks, and Trend Micro. Cisco gets this shift, which is one reason why it purchased Sourcefire. In aggregate, this trend means that billions of dollars of network security sales are truly in play.The hiring wars will get even hotter.\u00a0Elite cybersecurity cavalry troops are in high demand but there aren\u2019t nearly enough to go around. Expect hyper salary inflation over the next few years. Time for Washington and Silicon Valley to stop sitting on their collective hands and invest more dough in cybersecurity education programs.AV vendors are at a disadvantage.\u00a0Many enterprises are giving the cybersecurity cavalry carte blanche oversight and purchasing authority to improve endpoint security. While this will lead to a new round of robust endpoint security investment, the cybersecurity cavalry commands an elitist and highly technical perspective on what\u2019s needed and what works. This will drive them toward more cerebral endpoint security vendors like AccessData, Bit9, Bromium, Confer, Digital Guardian, and Raytheon, rather than the traditional AV crowd.Ditto for SIEM vendors.\u00a0Right or wrong, the cybersecurity cavalry equates SIEM with IDS\/IPS alert, firewall log management, and compliance reporting. This will lead them to eschew traditional SIEM vendors in favor of big data security analytics firms like Click Security, LogRhythm, Narus, RSA, and Splunk.Finally, many enterprises don\u2019t have the skills, staff size, or budgets to establish a cybersecurity cavalry of their own. As a result, phones will be ringing off the hook at MSSPs like BT, CSC, Dell\/SecureWorks, Unisys, Symantec, and Verizon.