Forrester

For Security & Risk Professionals

Blog:Starving The Golden Goose

The new revolution in apps and social media continues at a stunning rate. Nearly every day a colleague tells me of another app or site that is bubbling up and about to hit the big time. Many will not...

For Security & Risk Professionals

Report:Q&A: Cyberinsurance Fundamentals For Security And Risk Professionals

Since cyberinsurance first emerged in the late '90s, the number of available policies, the scope of those policies, and the number of insurers offering them have all significantly increased. Due to...

• Downloads: 58

For Security & Risk Professionals

Blog:Rewind And Replay For Web App Vulnerabilities

Security threats develop and evolve with startling rapidity, with the attackers always seeking to stay one step ahead of the S&R professional. The agility of our aggressors is understandable; they do...

For Security & Risk Professionals

Blog:CISOs Need To CYA - 'Comprehend Your Assets'

I recently went for coffee with a very interesting gentleman who had previously been responsible for threat and vulnerability management in a global bank – our conversation roamed far and wide...

For Security & Risk Professionals

Blog:Is The Time Right To Spread Your Risk?

For many years, security professionals have lived by the three pillars of risk management – AVOID, TREAT, ACCEPT.  These great tenets have served the profession well, enabling CISOs to...

For Security & Risk Professionals

Blog:Security Pros Need To Value Pragmatism Above All Else

Last night I attended a vendor presentation about cloud-based risk and the threat from nation state attacks. Unfortunately, due to a busy schedule and a difficult journey, I arrived just as the final...

For Security & Risk Professionals

Blog:The Atlantic Ocean Divides Financial Aspirations For CISOs In 2013

  As 2012 came to a close, we studied the financial position of many CISOs and asked about their expectations for 2013. Unsurprisingly, it was apparent that 2012 was another difficult year and...

For Security & Risk Professionals

Report:Build An Information Security Management System

Policy And Procedures: The S&R Practice Playbook

Over recent years, the information security industry has matured nicely; experts and associations have documented many best practice models, and their adoption has been widespread. It's disconcerting...

• Downloads: 764

For Security & Risk Professionals

Blog:The Psychology Of Bad News

  Last night I stumbled across a documentary on BBC2 (content only available to UK residents – sorry!) about the human brain. One section talked about how the brain perceived risk issues...

For Security & Risk Professionals

Blog:The Demise Of The Player/Manager CISO

The role of the CISO is changing. For years we have talked about the requirement to make the top security and risk (S&R) role increasingly business-facing, and this is now turning into a reality....

For Security & Risk Professionals

Blog:Call Record Privacy Is Not Just A US Issue

As individuals get better access to the technology that enables their participation in the information age, so privacy has to be considered and regulation applied to raise standards to those that are...

For Security & Risk Professionals

Blog:A Christmas Present From MIT?

As much as the cloud computing model makes sense to me, my security sensibilities cry out about information risk every time I start to consider actual implementation for data of value across an...

For Security & Risk Professionals

Report:Assess Your Security Program With Forrester's Information Security Maturity Model

Assessment Framework: The S&R Practice Playbook

This report outlines the assessment framework associated with Forrester's solution for security and risk (S&R) executives. The report is designed to help CISOs as they continue working their way...

• Downloads: 2093
• Comments: 1
• Rating:

For Security & Risk Professionals

Report:Role Job Description: Chief Information Security Officer

The role of the chief information security officer (CISO) is increasingly central to many organizations; however, it has many guises. No two CISOs have exactly the same roles and responsibilities,...

• Downloads: 666

For Security & Risk Professionals

Report:Recruit And Retain An Information Security Team

Skills And Staffing: The S&R Practice Playbook

This report outlines the skills and staffing strategy for Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. We...

• Downloads: 420
• Comments: 2

For Security & Risk Professionals

Report:The Forrester Wave™: Information Security Consulting Services, Q1 2013

Ernst & Young, Deloitte, IBM, Accenture, PwC, And KPMG Lead, With Wipro Following Close Behind

The information security consulting market is growing explosively because security and risk professionals often lack the skill and bandwidth to accomplish their increasingly difficult mission. To...

• Downloads: 567
• Rating:

For Security & Risk Professionals

Report:What You Must Know About Data Privacy Regulations In Asia Pacific

Be Ready To Comply With Dynamic Regulatory Changes

Understanding the laws and regulations that govern data privacy across your organization is critical for any company, but it can be challenging. As a result, too many security and risk (S&R)...

• Downloads: 130

For Security & Risk Professionals

Report:Understand Security And Risk Budgeting For 2013

Benchmarks: The S&R Practice Playbook

The global downturn has constrained security budgets for several years now, and chief information security officers (CISOs) have become accustomed to taking on more responsibilities without...

• Downloads: 867

For Security & Risk Professionals

Blog:A 'BYO' Too Far?

Undoubtedly, most of you will have seen the amazing story about the developer who secretly outsourced his own role to China, investing 20% of his annual salary to free up almost all his work time....

For Security & Risk Professionals

Report:Prepare Your Security Organization For The Internet Of Things

Why The Next Internet Revolution Is Much More Alarming Than The Last

There is a revolution happening right now; innovative organizations are planning how they can merge the physical and digital worlds to bring new products and experiences to their customers. At the...

• Downloads: 372
• Comments: 1
• Rating:

For Security & Risk Professionals

Report:Define A Road Map To Accelerate The Organizational Maturity Of Your Security Program

Road Map: The S&R Practice Playbook

This report outlines the future state of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

• Downloads: 1033

For Security & Risk Professionals

Report:Build A Strategic Security Program And Organization

Strategic Plan: The S&R Practice Playbook

This report outlines the strategic vision of Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

• Downloads: 2289

For Security & Risk Professionals

Report:Reinvent Security Awareness To Engage The Human Firewall

Change Management: The S&R Practice Playbook

For too long, creating security awareness has been an afterthought, something CISOs did in their spare time after putting out the operational fires that sprang up around them with alarming...

• Downloads: 191

For Security & Risk Professionals

Blog:New Research: Organizational Challenges

I was reading an article recently which outlined the different agencies employed within the United Kingdom to protect against cyber-threats.  Not including the armed forces, who would have...

For Security & Risk Professionals

Blog:Open & Honest - Should Breach Disclosure Be Mandatory?

A few months ago I shared a flight with a very pleasant lady from a European regulatory body.  After shoulder surfing her papers and seeing we were both interested in information security...