Forrester

For Security & Risk Professionals

Report:Build Security Into Your Network's DNA: The Zero Trust Network Architecture

Strategic Plan: The Security Architecture And Operations Playbook

One of our goals with Zero Trust is to optimize the security architectures and technologies for future flexibility. As we move toward a data-centric world with shifting threats and perimeters, we...

• Downloads: 1528
• Rating:

For Security & Risk Professionals

Client Inquiry:What Are Current Trends In Remote Access And SSL Functionality?

We are currently exploring all remote access options, particularly SSL functionality. What kind of trends are you are seeing in these areas?

For Security & Risk Professionals

Report:PCI X-Ray: Assessments And Testing

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

• Downloads: 366

For Security & Risk Professionals

Report:Rethinking DLP: Introducing The Forrester DLP Maturity Grid

Assessment Framework: The Data Security And Privacy Playbook

Data loss prevention or protection (DLP) — depending upon your usage — is both one of the hottest topics and most difficult challenges among information security professionals today. In...

• Downloads: 1027
• Rating:

For Security & Risk Professionals

Client Inquiry:How Should We Select Unified Threat Management Vendors?

We are in the process of selecting unified threat management (UTM) vendors. We have completed a decision analysis based on a technical needs assessment, but we need help narrowing down our vendors....

For Security & Risk Professionals

Blog:Preview Of PCI DSS 1.3 – Oops 2.0 – Released

The PCI Security Standards Council released the summary of changes for the new version of PCI — 2.0.  Merchants, you can quit holding your breath as this document is a yawner...

For Security & Risk Professionals

Report:Top 15 Trends S&R Pros Should Watch: Q2 2013

From frantic security operations problems to the changing threat landscape, CISOs, senior security leaders, and other IT risk management leaders consistently have trouble keeping up with key trends...

• Downloads: 290
• Rating:

For Security & Risk Professionals

Report:Pull Your Head Out Of The Sand And Put It On A Swivel: Introducing Network Analysis And Visibility

Essential Functionality For The Zero Trust Model Of Information Security

In today's threat environment, the network perimeter has disappeared. Insiders are as insidious a threat as outsiders. In the past, the "trust but verify" model did not facilitate insight into...

• Downloads: 890

For Security & Risk Professionals

Report:Defend Your Data From Mutating Threats With A Zero Trust Network

Executive Overview: The Security Architecture And Operations Playbook

We've all heard about the "evolving threat landscape." In biology, evolution is a process that takes millions of years to occur as a result of small changes in successive generations. Mutations, on...

• Downloads: 302

For Security & Risk Professionals

Tool:Forrester Wave™: Network Access Control, Q2 '11

For Security & Risk Professionals

Blog:WikiLeaks And Stratfor Make The Case For More Data Encryption

Yesterday, WikiLeaks released emails taken in the highly-publicized Stratfor data breach. While many of the emails are innocuous, such as accusations regarding a stolen lunch from the company...

For Security & Risk Professionals

Report:Protect And Manage Your Critical Information Assets

Executive Overview: The Data Security And Privacy Playbook

Data is the lifeblood of today's digital businesses, and for economic and even political gain, highly skilled cybercriminals are determined to steal it. Meanwhile, customers around the globe have...

• Downloads: 490
• Rating:

For Security & Risk Professionals

Blog:Exploring The Invisible Internet

At Forrester's Security Forum 2011 in Miami, November 9-10, we will be reprising the wildly successful "Hackers Vs. Executives" track session. There will be two leading security...

For Security & Risk Professionals

Report:Know Your Data To Create Actionable Policy

Policy And Procedures: The Data Security And Privacy Playbook

Data defense is the fundamental purpose of information security. To defend your data, there are only four levers you can pull — controlling access, inspecting data usage patterns for abuse,...

• Downloads: 282
• Rating:

For Security & Risk Professionals

Report:PCI X-Ray: Patch Management

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

• Downloads: 263

For Security & Risk Professionals

Blog:Lies, Damn Lies, Security Metrics, And Baseball

The legendary British Prime Minister Benjamin Disraeli is said to have noted that “There are lies, damn lies, and statistics.” Much of the technology world is focused on statistics and...

For Security & Risk Professionals

Report:Applying Zero Trust To The Extended Enterprise

Preparing Your Network For Any Device, Anywhere, Any Time

You are part of an extended enterprise — a new extended ecosystem of customers, clouds, service providers, partners, supply chains, and empowered users. The business expects you, the security...

• Downloads: 798
• Rating:

For Security & Risk Professionals

Report:Develop A Two-Phased DDoS Mitigation Strategy

Protect Yourself From Hacktivists And Other Cybercriminals

Until recently, distributed denial of service (DDoS) attacks had been part of infosec lore: something you heard about but rarely experienced. With the rise of hacktivist groups and other...

• Downloads: 3

For Security & Risk Professionals

Client Inquiry:Types Of IT Security Certificates

Can you provide us with definitions on the following types of security certificates: 1) SSL; 2) EFS; 3) device certificates; 4) user certificates; 5) code certificates; 6) signed and unsigned...

For Security & Risk Professionals

Blog:Go Long On Glue Manufacturers

FLASH TRAFFIC: This just in! The Washington Post is reporting a new wrinkle in cyberwarfare. In the article Defense official discloses cyberattack, the Post reports that “malicious code placed...

For Security & Risk Professionals

Report:Control And Protect Sensitive Information In The Era Of Big Data

Future Look: The Data Security And Privacy Playbook

This report outlines the future look of Forrester's solution for security and risk (S&R) executives seeking to develop a holistic strategy to protect and manage sensitive data. In the...

• Downloads: 1599
• Rating:

For Security & Risk Professionals

Report:PCI X-Ray: Assessment And Testing Checklist

This checklist is provided as a concise and comprehensive workbook to help organizations deal with the different types of assessments and tests that security and risk professionals must perform to...

• Downloads: 28

For Security & Risk Professionals

Report:Market Overview: Intrusion Prevention Systems, Q2 2011

A Mature Space, IPS Is Still The Bulwark Of Network Security

An intrusion prevention system (IPS) complements traditional firewalls by inspecting the entire network packet looking for malicious traffic that is often invisible to Layer 3 firewalls. While...

• Downloads: 961

For Security & Risk Professionals

Report:PCI X-Ray: Application Security

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

• Downloads: 398

Client Inquiry:Standard PCI Report Templates

Are there any standard PCI report templates for providing information to my QSA?