Cloud Migration
The organisation moves a workload, a business unit, or the whole estate to AWS, Azure, GCP, or a multi-cloud architecture. Security tooling built for on-prem stops applying.
The cloud security lead emerges as a buyer. The CISO loses some leverage to the head of cloud / platform / SRE. Architecture decisions get made before tools are evaluated.
Greenfield replacement. The on-prem stack does not migrate; new tools get adopted in the new environment. Vendors with marketplace listings and cloud-commit drawdown options have a structural advantage.
Migration cycle (often 6–18 months). The buying window is early in the migration, not at the end.
Showing up after the cloud architecture decision. The CNAPP / CSPM choice gets made alongside the cloud-platform decision, not after. Vendors who are not in the conversation in month 1-3 of the migration are usually out.