Forrester

For Security & Risk Professionals

Client Inquiry:How Should We Select Unified Threat Management Vendors?

We are in the process of selecting unified threat management (UTM) vendors. We have completed a decision analysis based on a technical needs assessment, but we need help narrowing down our vendors....

For Security & Risk Professionals

Client Inquiry:What Are Current Trends In Remote Access And SSL Functionality?

We are currently exploring all remote access options, particularly SSL functionality. What kind of trends are you are seeing in these areas?

For Security & Risk Professionals

Report:Strategy Deep Dive: Define Your Data

Rethinking Data Discovery And Classification For Data Security

Defining data via data discovery and classification is an often overlooked, yet critical, component of data security and control. Security and risk (S&R) pros can't expect to adequately protect data...

• Downloads: 185
• Rating:

For Security & Risk Professionals

Report:Dial "H" For Hack

An Empowered Report: Understanding The Threats To Unified Communication And VoIP Deployments

In many companies, the worlds of data networking and telecommunications have merged, and voice and video traffic travels with other enterprise data on the same corporate network. Often known...

• Downloads: 521

For Security & Risk Professionals

Report:No More Chewy Centers: Introducing The Zero Trust Model Of Information Security

Vision: The Security Architecture And Operations Playbook

There's an old saying in information security: "We want our network to be like an M&M, with a hard crunchy outside and a soft chewy center." For a generation of information security...

• Downloads: 1635

For Security & Risk Professionals

Report:Planning For Failure

An Effective Incident Management Program Is Essential To Help You Stay In Business

It's not a question of if — but when — your organization will experience a serious security breach. Cybercriminals are using more sophisticated and targeted attacks to steal everything...

• Downloads: 674

For Security & Risk Professionals

Report:Kill Your Data To Protect It From Cybercriminals

Strategic Plan: The Data Security And Privacy Playbook

As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape...

• Downloads: 920

For Security & Risk Professionals

Client Inquiry:What Are Some Enterprise Key Management Vendor Options?

What vendors compete in the enterprise key management market?

For Security & Risk Professionals

Report:Top 15 Trends S&R Pros Should Watch: Q2 2013

From frantic security operations problems to the changing threat landscape, CISOs, senior security leaders, and other IT risk management leaders consistently have trouble keeping up with key trends...

• Downloads: 317
• Rating:

For Security & Risk Professionals

Report:Q&A: Streamlining Your Patch Management Strategy

Forrester continues to receive many customer inquiries related to effective patch management of servers and endpoints. Balancing the urgency of patching with the need to minimize employee downtime...

• Downloads: 394

For Security & Risk Professionals

Report:Dissect Data To Gain Actionable INTEL

Forrester's Data Security And Control Framework

Forrester segments the problem of securing and controlling data into three areas: 1) defining the data; 2) dissecting and analyzing the data; and 3) defending and protecting the data. We refer to...

• Downloads: 307
• Rating:

For Security & Risk Professionals

Report:Protect And Manage Your Critical Information Assets

Executive Overview: The Data Security And Privacy Playbook

Data is the lifeblood of today's digital businesses, and for economic and even political gain, highly skilled cybercriminals are determined to steal it. Meanwhile, customers around the globe have...

• Downloads: 495
• Rating:

For Security & Risk Professionals

Client Inquiry:What Are Some Best Practices For Using Jump Servers?

Are there certain vendors/solutions/configurations that are considered best practices for jump servers? Are organizations relying entirely on authentication and authorization controls, without having...

For Security & Risk Professionals

Client Inquiry:Is Tokenization The Right Technology To Encrypt Cardholder Data?

Tokenization: Is it the right technology to encrypt cardholder (saving and debit cards) data? What is the usage level of this product and of similar technologies on the market? What is the level of...

For Security & Risk Professionals

Report:Develop Your Road Map For Zero Trust Network Mitigation Technology

Road Map: The Security Architecture And Operations Playbook

This report outlines Forrester's solution to help security and risk (S&R) leaders develop their road map for Zero Trust network threat mitigation technologies using Forrester's TechRadar™...

• Downloads: 1138
• Rating:

For Security & Risk Professionals

Report:Applying Zero Trust To The Extended Enterprise

Preparing Your Network For Any Device, Anywhere, Any Time

You are part of an extended enterprise — a new extended ecosystem of customers, clouds, service providers, partners, supply chains, and empowered users. The business expects you, the security...

• Downloads: 801
• Rating:

For Security & Risk Professionals

Report:Build Security Into Your Network's DNA: The Zero Trust Network Architecture

Strategic Plan: The Security Architecture And Operations Playbook

One of our goals with Zero Trust is to optimize the security architectures and technologies for future flexibility. As we move toward a data-centric world with shifting threats and perimeters, we...

• Downloads: 1535
• Rating:

For Security & Risk Professionals

Report:Know Your Data To Create Actionable Policy

Policy And Procedures: The Data Security And Privacy Playbook

Data defense is the fundamental purpose of information security. To defend your data, there are only four levers you can pull — controlling access, inspecting data usage patterns for abuse,...

• Downloads: 287
• Rating:

For Security & Risk Professionals

Client Inquiry:How Do You Centrally Manage And Encrypt Data On USB Drives?

We are looking for a solution to centrally manage USB drives for all of our desktops. More specifically, we would want to ensure that data on the USB drive is encrypted. Does Forrester have any...

For Security & Risk Professionals

Tool:Evaluated Vendors: Product Information And Selection Criteria

For Security & Risk Professionals

Report:PCI X-Ray: Assessment And Testing Checklist

This checklist is provided as a concise and comprehensive workbook to help organizations deal with the different types of assessments and tests that security and risk professionals must perform to...

• Downloads: 28

For Security & Risk Professionals

Client Inquiry:What Are Best Practices For Log Management And Security Information Management?

We would like to understand some best practices in the field of log management. More specifically: 1. Is it a best practice to correlate, aggregate, and monitor all logs for business risk and...

For Security & Risk Professionals

Report:Pull Your Head Out Of The Sand And Put It On A Swivel: Introducing Network Analysis And Visibility

Essential Functionality For The Zero Trust Model Of Information Security

In today's threat environment, the network perimeter has disappeared. Insiders are as insidious a threat as outsiders. In the past, the "trust but verify" model did not facilitate insight into...

• Downloads: 891

For Security & Risk Professionals

Report:PCI X-Ray: Application Security Checklist

This is a workbook that supplements the PCI X-Ray: Application Security Document

• Downloads: 33

For Security & Risk Professionals

Report:Develop A Two-Phased DDoS Mitigation Strategy

Protect Yourself From Hacktivists And Other Cybercriminals

Until recently, distributed denial of service (DDoS) attacks had been part of infosec lore: something you heard about but rarely experienced. With the rise of hacktivist groups and other...

• Downloads: 98