Forrester

For Security & Risk Professionals

Blog:Hackers Vs. Executives Is Back

Our next installment of "Hackers vs. Executives" is just weeks away.  Join us at the Forrester Security Forum and sit in on one of the most popular sessions of the event each year. We have a...

For Security & Risk Professionals

Tool:Forrester Wave™: Email Content Security, Q4 '12

For Security & Risk Professionals

Blog:An Unexpected RSA Encounter

Last Friday, after a long week of RSA conference events and meetings, I eagerly looked forward to slipping on my headphones and enjoying the relative silence of my flight back to Dallas. As I...

For Security & Risk Professionals

Report:The CISO's Guide To Virtualization Security

Get Off The Bench And Look Into Your Virtual Environment

In today's data centers, IT often virtualizes new applications and workloads by default. Virtualization is the norm; deploying a physical server is the exception. The technology is mature and...

• Downloads: 862
• Rating:

For Security & Risk Professionals

Blog:Observations on the 2013 Verizon Data Breach Investigations Report

I was very excited to finally get a copy of the much-anticipated 2013 Verizon Data Breach Investigations Report (DBIR.)  I have found the report to be valuable year after year.  This is the...

For Security & Risk Professionals

Client Inquiry:What Are The Best Antivirus Products In The Market?

We're looking for some information about antivirus products. What's the best technology available in the market?

For Security & Risk Professionals

Client Inquiry:What Is The Industry-Standard Definition Of "Intrusion"?

I'm looking for an industry-standard definition of an "intrusion," including examples, scope, and scale if applicable. We have reporting obligations to the FBI and DSS for cyber intrusions.

For Security & Risk Professionals

Blog:Incident Response Isn’t About Point Solutions; It’s About An Ecosystem

Today EMC announced the acquisition of Silicium Security.  Silicium’s ECAT product is a malware threat detection and response solution.  ECAT did not adopt the failed signature based...

For Security & Risk Professionals

Blog:Dusting Off Our Content Security Crystal Ball

Winter is coming; the year is quickly drawing to a close, and its time to a look back and see how accurate our content security crystal ball was for 2011.  Last year we predicted three trends;...

For Security & Risk Professionals

Blog:My Threat Intelligence Can Beat Up Your Threat Intelligence

Have you ever been in a vendor meeting and heard the vendor extol the greatness of their threat intelligence?  You may have even seen a slide that looks similar to this: The vendor probably...

For Security & Risk Professionals

Report:Defend Your Data From Mutating Threats With A Zero Trust Network

Executive Overview: The Security Architecture And Operations Playbook

We've all heard about the "evolving threat landscape." In biology, evolution is a process that takes millions of years to occur as a result of small changes in successive generations. Mutations, on...

• Downloads: 302

For Security & Risk Professionals

Report:Seven Habits Of Highly Effective Incident Response Teams

Assessment: The Security Architecture And Operations Playbook

Given the continued metastasizing of the threat landscape, it comes as no surprise that enterprises should possess mature incident response capabilities that are built on staff, augmented by...

• Downloads: 202
• Rating:

For Security & Risk Professionals

Blog:Observations From Black Hat - More Defense Please

Last week I had the opportunity to attend the 15th annual Black Hat security conference in Las Vegas. I have attended DEFCON in the past, but never Black Hat. The conference has grown significantly...

For Security & Risk Professionals

Blog:Shoulder Surfing The Friendly Skies

FAIL at 30,000ish feet  When you fly nearly every week, you can get pretty bored on a plane.  When I am sick of working, playing games, or watching movies, my latest distraction is checking...

For Security & Risk Professionals

Report:The Forrester Wave™: Email Content Security, Q4 2012

The Nine Providers That Matter Most And How They Stack Up

In Forrester's 47-criteria evaluation of email content security vendors, we identified the nine most significant vendors in the category and researched, analyzed, and scored them: Barracuda Networks,...

• Downloads: 461
• Comments: 3
• Rating:

For Security & Risk Professionals

Blog:Introducing Forrester's Cyber Threat Intelligence Research

We have started a new report series on Cyber Threat Intelligence.  The first report, "Five Steps To Build An Effective Threat Intelligence Capability," is designed to help organizations...

For Security & Risk Professionals

Client Inquiry:How Should We Balance Spam-Filtering Risks?

What standards — if any — exist as to file types to block? Are zip files still viewed as a significant security risk, and if so, how do organizations balance the business need to access...

For Security & Risk Professionals

Report:Five Steps To Build An Effective Threat Intelligence Capability

Tools And Technology: The Security Architecture And Operations Playbook

Against today's mutating threat landscape and sophisticated cybercriminals, security and risk (S&R) professionals are outgunned and outmatched. The traditional strategy of waiting for an alert and...

• Downloads: 470
• Comments: 2
• Rating:

For Security & Risk Professionals

Blog:The Content Security Forecast Calls For Clouds

I am very excited to introduce my first Forrester report, "The Content Security Forecast Calls For Clouds."  I wrote the report to help guide your strategy on SaaS based email and web content...

For Security & Risk Professionals

Report:Planning For Failure

An Effective Incident Management Program Is Essential To Help You Stay In Business

It's not a question of if — but when — your organization will experience a serious security breach. Cybercriminals are using more sophisticated and targeted attacks to steal everything...

• Downloads: 670

For Security & Risk Professionals

Blog:Kim Kardashian And APTs

On Wednesday, American footwear company Skechers agreed to pay the US Federal Trade Commission $40 million. This settlement resulted from a series of commercials that deceived consumers claiming that...

For Security & Risk Professionals

Blog:Expense In Depth And The Trouble With The Tribbles

You remember the tribbles don't you? The cute, harmless looking alien species from the second season of the original Star Trek that turn out to be anything but benign. They are born pregnant and...

For Security & Risk Professionals

Client Inquiry:How Do Data Leak Prevention And Information Rights Management Solutions Compare?

Could you provide information on data leak prevention (DLP) versus information rights management (IRM) solutions? Do you recommend one or the other or both? What vendors play in this space?

For Security & Risk Professionals

Blog:Crowdsourcing my RSA panels

The San Francisco RSA conference is now less than two weeks away, and this year I am moderating two great panels. I thought I'd reach out and solicit suggestions for discussion.  ...

For Security & Risk Professionals

Report:The Content Security Forecast Calls For Clouds

The Benefits Of The SaaS Model Outweigh The Challenges

As the market for software-as-a-service (SaaS) content security continues to mature, security and risk professionals want to know if it's time for their organization to make the transition to the...

• Downloads: 649
• Rating: