Forrester

For Security & Risk Professionals

Tool:Forrester Wave™: Network Access Control, Q2 '11

For Security & Risk Professionals

Report:Kill Your Data To Protect It From Cybercriminals

Strategic Plan: The Data Security And Privacy Playbook

As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape...

• Downloads: 920

For Security & Risk Professionals

Report:Build Security Into Your Network's DNA: The Zero Trust Network Architecture

Strategic Plan: The Security Architecture And Operations Playbook

One of our goals with Zero Trust is to optimize the security architectures and technologies for future flexibility. As we move toward a data-centric world with shifting threats and perimeters, we...

• Downloads: 1533
• Rating:

For Security & Risk Professionals

Client Inquiry:Types Of IT Security Certificates

Can you provide us with definitions on the following types of security certificates: 1) SSL; 2) EFS; 3) device certificates; 4) user certificates; 5) code certificates; 6) signed and unsigned...

For Security & Risk Professionals

Report:Planning For Failure

An Effective Incident Management Program Is Essential To Help You Stay In Business

It's not a question of if — but when — your organization will experience a serious security breach. Cybercriminals are using more sophisticated and targeted attacks to steal everything...

• Downloads: 673

For Security & Risk Professionals

Report:Dissect Data To Gain Actionable INTEL

Forrester's Data Security And Control Framework

Forrester segments the problem of securing and controlling data into three areas: 1) defining the data; 2) dissecting and analyzing the data; and 3) defending and protecting the data. We refer to...

• Downloads: 306
• Rating:

For Security & Risk Professionals

Report:Strategy Deep Dive: Define Your Data

Rethinking Data Discovery And Classification For Data Security

Defining data via data discovery and classification is an often overlooked, yet critical, component of data security and control. Security and risk (S&R) pros can't expect to adequately protect data...

• Downloads: 183
• Rating:

For Security & Risk Professionals

Blog:RSA’s Acquisition Of NetWitness Validates Forrester’s NAV Concept

Today EMC’s security division RSA announced the acquisition of NAV (Network Analysis and Visibility) vendor NetWitness. Some pundits have suggested that this is a direct...

For Security & Risk Professionals

Client Inquiry:Can You Use Intrusion Prevention Instead Of A Web Security Gateway?

Is it possible to use an intrusion prevention system (IPS) instead of using the full capabilities of a web security gateway (WSG)? What could an IPS provide for the web traffic beyond the WSG?

For Security & Risk Professionals

Blog:Lies, Damn Lies, Security Metrics, And Baseball

The legendary British Prime Minister Benjamin Disraeli is said to have noted that “There are lies, damn lies, and statistics.” Much of the technology world is focused on statistics and...

For Security & Risk Professionals

Report:PCI X-Ray: Assessments And Testing

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

• Downloads: 367

For Security & Risk Professionals

Client Inquiry:What Are Some Enterprise Key Management Vendor Options?

What vendors compete in the enterprise key management market?

For Security & Risk Professionals

Report:PCI X-Ray: Application Security

To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

• Downloads: 398

Client Inquiry:Standard PCI Report Templates

Are there any standard PCI report templates for providing information to my QSA?

For Security & Risk Professionals

Report:Defend Your Data From Mutating Threats With A Zero Trust Network

Executive Overview: The Security Architecture And Operations Playbook

We've all heard about the "evolving threat landscape." In biology, evolution is a process that takes millions of years to occur as a result of small changes in successive generations. Mutations, on...

• Downloads: 304

For Security & Risk Professionals

Report:Top 15 Trends S&R Pros Should Watch: Q2 2013

From frantic security operations problems to the changing threat landscape, CISOs, senior security leaders, and other IT risk management leaders consistently have trouble keeping up with key trends...

• Downloads: 313
• Rating:

For Security & Risk Professionals

Report:Control And Protect Sensitive Information In The Era Of Big Data

Future Look: The Data Security And Privacy Playbook

This report outlines the future look of Forrester's solution for security and risk (S&R) executives seeking to develop a holistic strategy to protect and manage sensitive data. In the...

• Downloads: 1609
• Rating:

For Security & Risk Professionals

Report:Protect And Manage Your Critical Information Assets

Executive Overview: The Data Security And Privacy Playbook

Data is the lifeblood of today's digital businesses, and for economic and even political gain, highly skilled cybercriminals are determined to steal it. Meanwhile, customers around the globe have...

• Downloads: 495
• Rating:

For Security & Risk Professionals

Report:Develop Your Road Map For Zero Trust Network Mitigation Technology

Road Map: The Security Architecture And Operations Playbook

This report outlines Forrester's solution to help security and risk (S&R) leaders develop their road map for Zero Trust network threat mitigation technologies using Forrester's TechRadar™...

• Downloads: 1136
• Rating:

For Security & Risk Professionals

Report:Q&A: Streamlining Your Patch Management Strategy

Forrester continues to receive many customer inquiries related to effective patch management of servers and endpoints. Balancing the urgency of patching with the need to minimize employee downtime...

• Downloads: 394

For Security & Risk Professionals

Blog:InfoSec, Structural Engineering, And The Security Architecture Playbook

Last year the country of Japan suffered a devastating disaster of unspeakable proportions. A massive earthquake on the eastern coast of the country triggered a deadly tsunami that caused the flooding...

For Security & Risk Professionals

Report:Pull Your Head Out Of The Sand And Put It On A Swivel: Introducing Network Analysis And Visibility

Essential Functionality For The Zero Trust Model Of Information Security

In today's threat environment, the network perimeter has disappeared. Insiders are as insidious a threat as outsiders. In the past, the "trust but verify" model did not facilitate insight into...

• Downloads: 891

For Security & Risk Professionals

Blog:Preview Of PCI DSS 1.3 – Oops 2.0 – Released

The PCI Security Standards Council released the summary of changes for the new version of PCI — 2.0.  Merchants, you can quit holding your breath as this document is a yawner...

For Security & Risk Professionals

Report:Rethinking DLP: Introducing The Forrester DLP Maturity Grid

Assessment Framework: The Data Security And Privacy Playbook

Data loss prevention or protection (DLP) — depending upon your usage — is both one of the hottest topics and most difficult challenges among information security professionals today. In...

• Downloads: 1031
• Rating:

For Security & Risk Professionals

Report:Defend Your Business From The Mutating Threat Landscape

Business Case: The Security Architecture And Operations Playbook

We may look back on 2011 and 2012 as the golden age of hacking. In 2011, we saw well-publicized and devastating attacks such as the one that brought down the Sony PlayStation Network (PSN). In 2012,...

• Downloads: 857