Forrester

For Security & Risk Professionals

Report:Build A High-Performance Security Organization

Executive Overview: The S&R Practice Playbook

Today, business leaders expect the CISO to not only protect the organization from run-of-the-mill hackers but to also protect its brand and competitive advantage in the marketplace — all while...

• Downloads: 596
• Rating:

For Security & Risk Professionals

Report:Prepare Your Security Organization For The Internet Of Things

Why The Next Internet Revolution Is Much More Alarming Than The Last

There is a revolution happening right now; innovative organizations are planning how they can merge the physical and digital worlds to bring new products and experiences to their customers. At the...

• Downloads: 353
• Comments: 1
• Rating:

For Security & Risk Professionals

Report:Q&A: Cyberinsurance Fundamentals For Security And Risk Professionals

Since cyberinsurance first emerged in the late '90s, the number of available policies, the scope of those policies, and the number of insurers offering them have all significantly increased. Due to...

• Downloads: 54

For Security & Risk Professionals

Report:Build An Information Security Management System

Policy And Procedures: The S&R Practice Playbook

Over recent years, the information security industry has matured nicely; experts and associations have documented many best practice models, and their adoption has been widespread. It's disconcerting...

• Downloads: 739

For Security & Risk Professionals

Blog:The Atlantic Ocean Divides Financial Aspirations For CISOs In 2013

  As 2012 came to a close, we studied the financial position of many CISOs and asked about their expectations for 2013. Unsurprisingly, it was apparent that 2012 was another difficult year and...

For Security & Risk Professionals

Blog:The Elephant And The Internet

A little while ago I bumped into a journalist friend at a trade conference. We chatted about the event to try and identify hot topics and trends from our discussions and supplier meetings, and both...

For Security & Risk Professionals

Report:Role Job Description: Chief Information Security Officer

The role of the chief information security officer (CISO) is increasingly central to many organizations; however, it has many guises. No two CISOs have exactly the same roles and responsibilities,...

• Downloads: 653

For Security & Risk Professionals

Blog:New Research: Organizational Challenges

I was reading an article recently which outlined the different agencies employed within the United Kingdom to protect against cyber-threats.  Not including the armed forces, who would have...

For Security & Risk Professionals

Report:The Forrester Wave™: Information Security Consulting Services, Q1 2013

Ernst & Young, Deloitte, IBM, Accenture, PwC, And KPMG Lead, With Wipro Following Close Behind

The information security consulting market is growing explosively because security and risk professionals often lack the skill and bandwidth to accomplish their increasingly difficult mission. To...

• Downloads: 525
• Rating:

For Security & Risk Professionals

Blog:A 'BYO' Too Far?

Undoubtedly, most of you will have seen the amazing story about the developer who secretly outsourced his own role to China, investing 20% of his annual salary to free up almost all his work time....

For Security & Risk Professionals

Report:Develop A Change Plan For Your Security Program

Stakeholder Needs: The S&R Practice Playbook

This report maps out the key stakeholders for Forrester's solution for security & risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

• Downloads: 522
• Rating:

For Security & Risk Professionals

Report:Navigate The Future Of The Security Organization

Future Look: The S&R Practice Playbook

This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

• Downloads: 935

For Security & Risk Professionals

Blog:InfoSec In The Supply Chain

The importance of data security throughout the supply chain is something we have all considered, but Greg Schaffer, acting deputy undersecretary of the Homeland Security Department of the National...

For Security & Risk Professionals

Report:Define A Road Map To Accelerate The Organizational Maturity Of Your Security Program

Road Map: The S&R Practice Playbook

This report outlines the future state of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

• Downloads: 1025

For Security & Risk Professionals

Blog:The Psychology Of Bad News

  Last night I stumbled across a documentary on BBC2 (content only available to UK residents – sorry!) about the human brain. One section talked about how the brain perceived risk issues...

For Security & Risk Professionals

Blog:Is The Time Right To Spread Your Risk?

For many years, security professionals have lived by the three pillars of risk management – AVOID, TREAT, ACCEPT.  These great tenets have served the profession well, enabling CISOs to...

For Security & Risk Professionals

Report:Assess Your Security Program With Forrester's Information Security Maturity Model

Assessment Framework: The S&R Practice Playbook

This report outlines the assessment framework associated with Forrester's solution for security and risk (S&R) executives. The report is designed to help CISOs as they continue working their way...

• Downloads: 2040
• Comments: 1
• Rating:

For Security & Risk Professionals

Report:What You Must Know About Data Privacy Regulations In Asia Pacific

Be Ready To Comply With Dynamic Regulatory Changes

Understanding the laws and regulations that govern data privacy across your organization is critical for any company, but it can be challenging. As a result, too many security and risk (S&R)...

• Downloads: 83

For Security & Risk Professionals

Blog:Starving The Golden Goose

The new revolution in apps and social media continues at a stunning rate. Nearly every day a colleague tells me of another app or site that is bubbling up and about to hit the big time. Many will not...

For Security & Risk Professionals

Report:Building An Effective Information Security Policy Framework

CISOs Need To Act To Realize True Business Benefit From Security Policy

As information security has become more widely understood, the majority of organizations have built a set of supporting policies. Unfortunately, many of these are slowly drifting toward irrelevance...

• Downloads: 658

For Security & Risk Professionals

Blog:CISOs Need To CYA - 'Comprehend Your Assets'

I recently went for coffee with a very interesting gentleman who had previously been responsible for threat and vulnerability management in a global bank – our conversation roamed far and wide...

For Security & Risk Professionals

Blog:Compliance And Cloud – Responsible Or Accountable?

It’s interesting how many threads there are on the Internet that still debate the difference between these two words: “responsible” and “accountable.” Oddly enough,...

For Security & Risk Professionals

Blog:Security Pros Need To Value Pragmatism Above All Else

Last night I attended a vendor presentation about cloud-based risk and the threat from nation state attacks. Unfortunately, due to a busy schedule and a difficult journey, I arrived just as the final...

For Security & Risk Professionals

Blog:Go Beyond Technology To Build An Effective Security Practice

It’s common knowledge that the security landscape has shifted over the past few years and the once-strong perimeters that CISOs relied upon have become stretched, fragmented, and overrun by...

For Security & Risk Professionals

Blog:A Christmas Present From MIT?

As much as the cloud computing model makes sense to me, my security sensibilities cry out about information risk every time I start to consider actual implementation for data of value across an...