Forrester Research : Analyst : Andrew Rose

CLIP THIS INQUIRY

Select a group :

Group Name

Create New Group Clip

CLIP THIS FLOOW

Select a group :

Group Name

Create New Group Clip

Andrew Rose

Principal Analyst serving Security & Risk PROFESSIONALS

Blog: Security & Risk Blog

Andrew's research contributes to Forrester's offerings for the Security & Risk Professional. He is a proven security leader, capable of transforming security teams into highly effective groups and driving efficiencies to deliver results with limited resource. Andrew is a leading expert in information security and risk management, ISO27001 frameworks, supplier review, and business engagement; information security policy development; information security strategy; and governance, risk, and compliance (GRC) initiatives.

Previous Work Experience

Prior to joining Forrester, Andrew was a CISO in the legal sector. He transformed security management for two major global firms, revising policies, setting strategy, introducing IT audit, and developing the maturity of the security teams. Ultimately, he led both firms to ISO27001 certification. Andrew was chairman of the Legal Security Forum, the industry's information security special interest group, and worked with the industry regulators to define and communicate best practices. Before entering the legal sector, Andrew worked in the insurance industry providing security consultancy and developing IAM teams. He has been a regular columnist for several risk-focused magazines and recently retired from the UK ISSA Executive Advisory Board.

Education

Andrew holds a master's degree in information security from Westminster University. Andrew is also a certified information systems security professional (CISSP), a certified information security manager (CISM), certified in risk and information systems control (CRISC), and a trained ISO27001 lead auditor.

Research Coverage:

Business Value of IT, IT Budgeting & Forecasting, IT Management, IT Risk Management, Organizational Design & Change Management, Security Performance Management, Security Standards, Regulations & Legislation, Staff Development, Training & Succession Management, Strategy & Strategic Planning, Strategy, Planning & Governance of IT, Technology

Andrew Rose's Research

For Security & Risk Professionals
Report: What You Must Know About Data Privacy Regulations In Asia Pacific
Masami Kashiwagi, Andrew RoseMay 15, 2013
Understanding the laws and regulations that govern data privacy across your organization is critical for any company, but it can be challenging. As a result, too many security and risk (S&R) pro...
- Downloads: 99
For Security & Risk Professionals
Report: Build An Information Security Management System
Andrew RoseApril 12, 2013
Over recent years, the information security industry has matured nicely; experts and associations have documented many best practice models, and their adoption has been widespread. It's disconce...
- Downloads: 743
For Security & Risk Professionals
Report: Build A Strategic Security Program And Organization
Andrew RoseApril 12, 2013
This report outlines the strategic vision of Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. This report...
- Downloads: 2211
For Security & Risk Professionals
Report: Reinvent Security Awareness To Engage The Human Firewall
Andrew Rose, Nick HayesApril 12, 2013
For too long, creating security awareness has been an afterthought, something CISOs did in their spare time after putting out the operational fires that sprang up around them with alarming regul...
- Downloads: 166
For Security & Risk Professionals
Report: Assess Your Security Program With Forrester's Information Security Maturity Model
Christopher McClean, Khalid Kark, Andrew RoseFebruary 01, 2013
This report outlines the assessment framework associated with Forrester's solution for security and risk (S&R) executives. The report is designed to help CISOs as they continue working their...
- Downloads: 2048
- Comments: 1
- Rating:

View all of Andrew Rose's Research

For Security & Risk Professionals
Report: Build A Strategic Security Program And Organization
Andrew RoseApril 12, 2013
This report outlines the strategic vision of Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. This report...
- Downloads: 2211
For Security & Risk Professionals
Report: Assess Your Security Program With Forrester's Information Security Maturity Model
Christopher McClean, Khalid Kark, Andrew RoseFebruary 01, 2013
This report outlines the assessment framework associated with Forrester's solution for security and risk (S&R) executives. The report is designed to help CISOs as they continue working their...
- Downloads: 2048
- Comments: 1
- Rating:
For Security & Risk Professionals
Report: Define A Road Map To Accelerate The Organizational Maturity Of Your Security Program
Andrew RoseJanuary 17, 2012
This report outlines the future state of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is desi...
- Downloads: 1025
For Security & Risk Professionals
Report: Navigate The Future Of The Security Organization
Stephanie Balaouras, Andrew RoseFebruary 14, 2012
This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is desig...
- Downloads: 937
For Security & Risk Professionals
Report: Understand Security And Risk Budgeting For 2013
Andrew Rose, Nick HayesJanuary 10, 2013
The global downturn has constrained security budgets for several years now, and chief information security officers (CISOs) have become accustomed to taking on more responsibilities without corr...
- Downloads: 844