CLIP THIS INQUIRY

Select a group :

Group Name
Create New GroupClip

Andrew Rose

Principal Analyst serving Security & Risk PROFESSIONALS

Andrew's research contributes to Forrester's offerings for the Security & Risk Professional. He is a proven security leader, capable of transforming security teams into highly effective groups and driving efficiencies to deliver results with limited resource. Andrew is a leading expert in information security and risk management, ISO27001 frameworks, supplier review, and business engagement; information security policy development; information security strategy; and governance, risk, and compliance (GRC) initiatives.

Previous Work Experience

Prior to joining Forrester, Andrew was a CISO in the legal sector. He transformed security management for two major global firms, revising policies, setting strategy, introducing IT audit, and developing the maturity of the security teams. Ultimately, he led both firms to ISO27001 certification. Andrew was chairman of the Legal Security Forum, the industry's information security special interest group, and worked with the industry regulators to define and communicate best practices. Before entering the legal sector, Andrew worked in the insurance industry providing security consultancy and developing IAM teams. He has been a regular columnist for several risk-focused magazines and recently retired from the UK ISSA Executive Advisory Board.


Education

Andrew holds a master's degree in information security from Westminster University. Andrew is also a certified information systems security professional (CISSP), a certified information security manager (CISM), certified in risk and information systems control (CRISC), and a trained ISO27001 lead auditor.

Research Coverage:

Business Value of IT, IT Budgeting & Forecasting, IT Management, IT Risk Management, Organizational Design & Change Management, Security Performance Management, Security Standards, Regulations & Legislation, Staff Development, Training & Succession Management, Strategy & Strategic Planning, Strategy, Planning & Governance of IT, Technology

Refine your results

Methodology

Topics

Industry

Region

Vendor

15 results in Reports

  • Andrew Rose
  • Past 18 months

  • For Security & Risk Professionals

    Report:Build A Strategic Security Program And Organization

    Strategic Plan: The S&R Practice Playbook

    Andrew RoseApril 12, 2013

    This report outlines the strategic vision of Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

    • Downloads: 2206

  • For Security & Risk Professionals

    Report:Assess Your Security Program With Forrester's Information Security Maturity Model

    Assessment Framework: The S&R Practice Playbook

    Christopher McClean, Khalid Kark, Andrew RoseFebruary 01, 2013

    This report outlines the assessment framework associated with Forrester's solution for security and risk (S&R) executives. The report is designed to help CISOs as they continue working their way...

    • Downloads: 2047
    • Comments: 1
    • Rating:

  • For Security & Risk Professionals

    Report:Define A Road Map To Accelerate The Organizational Maturity Of Your Security Program

    Road Map: The S&R Practice Playbook

    Andrew RoseJanuary 17, 2012

    This report outlines the future state of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

    • Downloads: 1025

  • For Security & Risk Professionals

    Report:Navigate The Future Of The Security Organization

    Future Look: The S&R Practice Playbook

    Stephanie Balaouras, Andrew RoseFebruary 14, 2012

    This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building a high-performance security program and organization. This report is designed...

    • Downloads: 937

  • For Security & Risk Professionals

    Report:Understand Security And Risk Budgeting For 2013

    Benchmarks: The S&R Practice Playbook

    Andrew Rose, Nick HayesJanuary 10, 2013

    The global downturn has constrained security budgets for several years now, and chief information security officers (CISOs) have become accustomed to taking on more responsibilities without...

    • Downloads: 843

  • For Security & Risk Professionals

    Report:Build An Information Security Management System

    Policy And Procedures: The S&R Practice Playbook

    Andrew RoseApril 12, 2013

    Over recent years, the information security industry has matured nicely; experts and associations have documented many best practice models, and their adoption has been widespread. It's disconcerting...

    • Downloads: 743

  • For Security & Risk Professionals

    Report:Build A High-Performance Security Organization

    Executive Overview: The S&R Practice Playbook

    Stephanie Balaouras, Andrew RoseJune 27, 2012

    Today, business leaders expect the CISO to not only protect the organization from run-of-the-mill hackers but to also protect its brand and competitive advantage in the marketplace — all while...

    • Downloads: 597
    • Rating:

  • For Security & Risk Professionals

    Report:Role Job Description: Chief Information Security Officer

    Andrew RoseMarch 05, 2012

    The role of the chief information security officer (CISO) is increasingly central to many organizations; however, it has many guises. No two CISOs have exactly the same roles and responsibilities,...

    • Downloads: 653

  • For Security & Risk Professionals

    Report:The Forrester Wave™: Information Security Consulting Services, Q1 2013

    Ernst & Young, Deloitte, IBM, Accenture, PwC, And KPMG Lead, With Wipro Following Close Behind

    Ed Ferrara, Andrew RoseFebruary 01, 2013

    The information security consulting market is growing explosively because security and risk professionals often lack the skill and bandwidth to accomplish their increasingly difficult mission. To...

    • Downloads: 533
    • Rating:

  • For Security & Risk Professionals

    Report:Develop A Change Plan For Your Security Program

    Stakeholder Needs: The S&R Practice Playbook

    Andrew RoseMarch 26, 2012

    This report maps out the key stakeholders for Forrester's solution for security & risk (S&R) professionals looking to build a high-performance security program and organization. This report is...

    • Downloads: 523
    • Rating:

  • For Security & Risk Professionals

    Report:Recruit And Retain An Information Security Team

    Skills And Staffing: The S&R Practice Playbook

    Andrew RoseJune 14, 2012

    This report outlines the skills and staffing strategy for Forrester's solution for security and risk (S&R) professionals looking to build a high-performance security program and organization. We...

    • Downloads: 410
    • Comments: 2

  • For Security & Risk Professionals

    Report:Prepare Your Security Organization For The Internet Of Things

    Why The Next Internet Revolution Is Much More Alarming Than The Last

    Andrew RoseOctober 23, 2012

    There is a revolution happening right now; innovative organizations are planning how they can merge the physical and digital worlds to bring new products and experiences to their customers. At the...

    • Downloads: 356
    • Comments: 1
    • Rating:

  • For Security & Risk Professionals

    Report:Reinvent Security Awareness To Engage The Human Firewall

    Change Management: The S&R Practice Playbook

    Andrew Rose, Nick HayesApril 12, 2013

    For too long, creating security awareness has been an afterthought, something CISOs did in their spare time after putting out the operational fires that sprang up around them with alarming...

    • Downloads: 165

  • For Security & Risk Professionals

    Report:What You Must Know About Data Privacy Regulations In Asia Pacific

    Be Ready To Comply With Dynamic Regulatory Changes

    Masami Kashiwagi, Andrew RoseMay 15, 2013

    Understanding the laws and regulations that govern data privacy across your organization is critical for any company, but it can be challenging. As a result, too many security and risk (S&R)...

    • Downloads: 97

  • For Security & Risk Professionals

    Report:Q&A: Cyberinsurance Fundamentals For Security And Risk Professionals

    Andrew RoseJuly 11, 2012

    Since cyberinsurance first emerged in the late '90s, the number of available policies, the scope of those policies, and the number of insurers offering them have all significantly increased. Due to...

    • Downloads: 54
 
Loading...

Browse

About Forrester

Forrester Research, Inc. is an independent research company that provides pragmatic and forward-thinking advice to global leaders in business and technology.

Roles We Serve

Forrester supports leaders in 13 roles across three distinct client segments: Business Technology, Marketing & Strategy, and Technology Industry.

Analysts & Coverage Areas

Aligned to your professional role, Forrester's analysts are experts in the specific technologies, issues, and trends currently impacting your business.

Research
Latest Reports
Playbooks
Charts & Figures
Forrester Waves
Planned Research
Data
Consumer Data
Business Data
Events
Forums
Webinars
Workshops
Tools & Templates
Vendor Selection Aids
Best Practice & Self-Assessments
Models & Calculators
Document Templates

Forrester Leadership Boards

Fresh thinking and collaborative problem-solving through an unmatched combination of peer networking, forward-looking analysis, and professional guidance.

Consulting

Our expert analysts provide custom research-based frameworks to guide you through each phase of your critical business initiatives from identifying opportunity to optimizing results.

Community

Connect with peers and analysts, share your views, and ask questions on key business issues.

Blog

Forrester analysts weigh in on the latest business and technology news.

  • BROWSE
  • Register
  • Call +1 617.613.5730
  • Cart