Andrew Bartels

Vice President, Principal Analyst serving CIOs

Andy is a member of Forrester's Business Technology Futures team, which serves CIOs and their business partners by predicting the long-term business impact of information technology. His research focus is on smart computing and analytics and tech-driven business transformation, analyzing the shifting economics of the industry, including spending, budgeting, and the influence of macroeconomic trends.

He also researches the growing customization of IT systems for industry-specific applications, especially in the utilities, energy, and professional services sectors. He is also a thought leader in the sourcing and procurement technology markets.

Previous Work Experience

Andy has extensive experience in the technology market and in strategic planning, both as an analyst and a practitioner in the business world. He came to Forrester through its acquisition of Giga Information Group in 2003, where he had worked as a vice president and research leader since 1998. Prior to joining Giga, Andy held a variety of vice president positions at American Express in the chairman's office, technologies, strategic planning, and re-engineering. Before joining American Express, Andy worked as an economist, writer, and editor for various organizations, including Shearson Lehman Brothers; the US House of Representatives' Committee on Banking, Finance, and Urban Affairs; and the Council on Wage and Price Stability in the Executive Office of the President.

Andy has been a regular participant in Forrester's IT Forum conferences, delivering keynote addresses in 2006 and 2007 with colleagues on the future of software. He has also been a recurring presenter at Conference Board conferences on eProcurement and eSourcing. He has been quoted in leading business and technology publications, including BusinessWeek, The Economist, The New York Times, and The Wall Street Journal.


Andy earned a B.A. in philosophy from Haverford College and a Ph.D. in history from Johns Hopkins University.

Refine your results

Date Range







32 results in Reports

  • Andrew Rose
  • For Security & Risk Professionals

    Report:Quick Take: Stem The "Heartbleed"

    How To Fix A Broken OpenSSL Implementation And What To Do While Everyone Else Fixes Theirs

    To secure eCommerce, banking, healthcare, and other high-risk transactions, many security pros use the secure socket layer/transport layer security (SSL/TLS) protocol to encrypt sensitive information...

    • Downloads: 360
  • For Security & Risk Professionals

    Report:Twelve Recommendations For Your Security Program In 2014

    Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

    Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state...

    • Downloads: 806
  • For Security & Risk Professionals

    Report:Build A High-Performance Security Organization

    Executive Overview: The S&R Practice Playbook

    Today, business leaders expect the CISO to not only protect the organization from run-of-the-mill hackers but to also protect its brand and competitive advantage in the marketplace — all while...

    • Downloads: 786
  • For Security & Risk Professionals

    Report:Building An Effective Information Security Policy Framework

    CISOs Need To Act To Realize True Business Benefit From Security Policy

    As information security has become more widely understood, the majority of organizations have built a set of supporting policies. Unfortunately, many of these are slowly drifting toward irrelevance...

    • Downloads: 755
  • For Security & Risk Professionals

    Report:Measuring Security Awareness To Enhance The Human Firewall

    How To Measure The Effectiveness Of Your Security Awareness Program

    The importance of the human aspect of information security has long been recognized, and CISOs have reacted by peddling the security message to all who will listen, and many who won't; yet still we...

    • Downloads: 295
  • For Security & Risk Professionals

    Report:Recruit And Retain An Information Security Team

    Skills And Staffing: The S&R Practice Playbook

    This report outlines the skills and staffing strategy for Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. We...

    • Downloads: 563
  • For Security & Risk Professionals

    Report:Prepare Your Security Organization For The Internet Of Things

    Why The Next Internet Revolution Is Much More Alarming Than The Last

    There is a revolution happening right now; innovative organizations are planning how they can merge the physical and digital worlds to bring new products and experiences to their customers. At the...

    • Downloads: 585
  • For Security & Risk Professionals

    Report:Build A Strategic Security Program And Organization

    Strategic Plan: The S&R Practice Playbook

    This report outlines the strategic vision of Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

    • Downloads: 2814
  • For Customer Insights Professionals

    Report:Is Your Customer Insights Practice Ready For EU Privacy?

    Q&A: EU Privacy Regulations

    This report, originally written for security and risk professionals, is of critical importance to customer insights (CI) professionals as well. The European Union is poised to increase demands of...

    • Downloads: 116
  • For Security & Risk Professionals

    Report:Develop A Change Plan For Your Security Program

    Stakeholder Needs: The S&R Practice Playbook

    This report maps out the key stakeholders for Forrester's solution for security & risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

    • Downloads: 670
  • For Security & Risk Professionals

    Report:Forrester's Security Awareness Assessment

    The Forrester Security Awareness Assessment Tool was created to accompany the report entitled "Measuring Security Awareness To Enhance The Human Firewall." Recognizing the problems of measuring...

    • Downloads: 50
  • For Security & Risk Professionals

    Report:Navigate The Future Of The Security Organization

    Future Look: The S&R Practice Playbook

    This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

    • Downloads: 1108
  • For Security & Risk Professionals

    Report:Q&A: Cyberinsurance Fundamentals For Security And Risk Professionals

    Since cyberinsurance first emerged in the late '90s, the number of available policies, the scope of those policies, and the number of insurers offering them have all significantly increased. Due to...

    • Downloads: 81
  • For Security & Risk Professionals

    Report:Enforce A Just Culture To Fortify The Human Firewall

    Transform Impotent Policies Into The Foundation Of Your Security Program

    In the continually changing landscape of internal and external security threats, S&R professionals must constantly assess the efficacy of their security programs. Although policy is at the core of...

    • Downloads: 97
  • For Security & Risk Professionals

    Report:Security Needs To Accelerate Into The Age Of The Customer Or Risk Marginalization

    How Information Security Underpins And Enables Successful Business Models

    The age of the customer is redefining business challenges for organizations of all types. Companies are becoming "obsessed" in an attempt to win, serve, and retain customers, because these customers...

    • Downloads: 134
  • For Security & Risk Professionals

    Report:Executive Spotlight: How CISOs Can Meet (And Surpass) The CIO's Expectations

    Planning The Journey From Safe Pair Of Hands To Trusted Advisor

    Next-generation CIOs and their teams face the challenge of fulfilling consumer expectations and the demands of digital natives while still meeting appropriate budgetary, governance, and performance...

    • Downloads: 229
  • For Security & Risk Professionals

    Report:What You Must Know About Data Privacy Regulations In Asia Pacific

    Be Ready To Comply With Dynamic Regulatory Changes

    Understanding the laws and regulations that govern data privacy across your organization is critical for any company, but it can be challenging. As a result, too many security and risk (S&R)...

    • Downloads: 325
  • For Security & Risk Professionals

    Report:The Forrester Wave™: Information Security Consulting Services, Q1 2013

    Ernst & Young, Deloitte, IBM, Accenture, PwC, And KPMG Lead, With Wipro Following Close Behind

    The information security consulting market is growing explosively because security and risk professionals often lack the skill and bandwidth to accomplish their increasingly difficult mission. To...

    • Downloads: 1020
  • For Security & Risk Professionals

    Report:The CISO's Handbook — Presenting To The Board

    How To Communicate Effectively At The Highest Level

    Your ability to communicate can mean the difference between success and failure in many aspects of your professional life, and it becomes even more important when trying to get the attention of an...

    • Downloads: 910
  • For Security & Risk Professionals

    Report:Top 15 Trends S&R Pros Should Watch: 2014

    Each year, analysts from across Forrester's security and risk research team draw insight from our hundreds of enterprise questions, vendor briefings, and consultations; the 25-plus research projects...

    • Downloads: 399
  • For Security & Risk Professionals

    Report:Build An Information Security Management System

    Policy And Procedures: The S&R Practice Playbook

    Over recent years, the information security industry has matured nicely; experts and associations have documented many best practice models, and their adoption has been widespread. It's disconcerting...

    • Downloads: 1020
  • For Security & Risk Professionals

    Report:Quick Take: FedRAMP Update Impacts Government Cloud Providers In June 2014

    If you do business with the US federal government or practice security and risk management for an agency, there are changes to the Federal Risk and Authorization Management Program (FedRAMP) baseline...

    • Downloads: 114
  • For Security & Risk Professionals

    Report:Evolve To Become The 2018 CISO Or Face Extinction

    The Progression Of Security Leadership Places Existing CISOs In Peril

    As the role of technology leadership in the enterprise becomes more about managing third parties, battling complexity, controlling costs, and aligning with business strategy, the role of the CISO is...

    • Downloads: 381
  • For Security & Risk Professionals

    Report:Executive Spotlight: Selling Security To The CMO

    An Outline Of CMO Priorities, And The Five Questions Every CISO Should Ask The CMO

    The age of the customer is redefining business challenges for organizations of all types. Rather than paying lip service to "customer care," they now must become "customer-obsessed" to retain market...

    • Downloads: 201
  • For Security & Risk Professionals

    Report:Role Job Description: Chief Information Security Officer

    The role of the chief information security officer (CISO) is increasingly central to many organizations; however, it has many guises. No two CISOs have exactly the same roles and responsibilities,...

    • Downloads: 833