John Kindervag

Vice President, Principal Analyst serving Security & Risk PROFESSIONALS

John serves Security & Risk Professionals. He is a leading expert on wireless security, network security, security information management, and PCI data security.

Previous Work Experience

John is a 25-year veteran of the high-tech world. He holds numerous industry certifications, including CISSP, CEH, QSA, and CCNA. Prior to joining Forrester, John was the senior security architect with security consultancy Vigilar, and he started the security practice for a Cisco Gold VAR, Flair Data Systems, where he was a principal security consultant. He has particular expertise in the areas of wireless security, intrusion detection and prevention, and voice over IP hacking. He has been interviewed and published in numerous magazines, including Hospitality Technology Magazine,, and John has spoken at many security conferences and events, including ToorCon, ShmoCon, and InfoSec World.


John has a Bachelor of Arts degree in communications from the University of Iowa.

Refine your results

Date Range





Market Imperatives



62 results in Reports

  • John Kindervag
  • For Security & Risk Professionals

    Report:The Future Of Data Security: A Zero Trust Approach

    Vision: The Data Security And Privacy Playbook

    Data is the lifeblood of today's digital businesses, and protecting it from theft, misuse, and abuse is the No. 1 responsibility of every S&R leader. Hacked customer data can erase millions in...

    • Downloads: 2279
  • For Security & Risk Professionals

    Report:No More Chewy Centers: Introducing The Zero Trust Model Of Information Security

    Vision: The Security Architecture And Operations Playbook

    There's an old saying in information security: "We want our network to be like an M&M, with a hard crunchy outside and a soft chewy center." For a generation of information security professionals,...

    • Downloads: 2049
  • For Security & Risk Professionals

    Report:Market Overview: Security Information Management (SIM)

    PCI Gives The SIM Market Its Second Wind, But The Field Will Thin Out In The Years Ahead

    The security information management (SIM) market has undergone a dramatic transformation in the past five years. After growing to a respectable size in a short period in the early 2000s, the SIM...

    • Downloads: 1720
  • For Security & Risk Professionals

    Report:Build Security Into Your Network's DNA: The Zero Trust Network Architecture

    Strategic Plan: The Security Architecture And Operations Playbook

    One of our goals with Zero Trust is to optimize the security architectures and technologies for future flexibility. As we move toward a data-centric world with shifting threats and perimeters, we...

    • Downloads: 1990
  • For Security & Risk Professionals

    Report:Develop Your Road Map For Zero Trust Network Mitigation Technology

    Road Map: The Security Architecture And Operations Playbook

    This report outlines Forrester's solution to help security and risk (S&R) leaders develop their road map for Zero Trust network threat mitigation technologies using Forrester's TechRadar™...

    • Downloads: 1477
  • For CIO Professionals

    Report:Predictions For 2014: Cloud Computing

    Cloud Formally Joins The IT Portfolio — Whether IT Likes It Or Not

    As we head into 2014, cloud computing is no longer a "future" but a "now." Investments are up, enterprise use is widespread, and the hybrid cloud model has arrived. While the bulk of cloud...

    • Downloads: 1413
  • For Security & Risk Professionals

    Report:The Forrester Wave™: Network Access Control, Q2 2011

    ForeScout, Juniper, And Bradford Networks Outdistance The Pack, But Cisco, McAfee, And Enterasys Are Close Behind

    In Forrester's 72-criteria evaluation of network access control (NAC) vendors, we found few notable points of differentiation between vendor offerings. Thus we have a tight clustering of vendors...

    • Downloads: 1091
  • For Security & Risk Professionals

    Report:Rethinking DLP: Introducing The Forrester DLP Maturity Grid

    Assessment Framework: The Data Security And Privacy Playbook

    Data loss prevention or protection (DLP) — depending upon your usage — is both one of the hottest topics and most difficult challenges among information security professionals today. In...

    • Downloads: 1327
  • For Security & Risk Professionals

    Report:TechRadar™ For Security & Risk Professionals: Network Threat Mitigation, Q3 2009

    The news is filled with reports of networks attacks and stolen data. Consumers routinely undergo the stress of fraudulent charges or compromised credit cards. Terms such as "botnet" have become part...

    • Downloads: 1123
  • For Security & Risk Professionals

    Report:Kill Your Data To Protect It From Cybercriminals

    Strategic Plan: The Data Security And Privacy Playbook

    As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape...

    • Downloads: 1140
  • For Security & Risk Professionals

    Report:Top 15 Trends S&R Pros Should Watch: Q2 2013

    From frantic security operations problems to the changing threat landscape, CISOs, senior security leaders, and other IT risk management leaders consistently have trouble keeping up with key trends...

    • Downloads: 910
  • For Security & Risk Professionals

    Report:Market Overview: Intrusion Prevention Systems, Q2 2011

    A Mature Space, IPS Is Still The Bulwark Of Network Security

    An intrusion prevention system (IPS) complements traditional firewalls by inspecting the entire network packet looking for malicious traffic that is often invisible to Layer 3 firewalls. While...

    • Downloads: 1044
  • For Security & Risk Professionals

    Report:Protect Your Intellectual Property And Customer Data From Theft And Abuse

    Executive Overview: The Data Security And Privacy Playbook

    Data is the lifeblood of today's digital businesses, but for economic and even political gain, highly skilled cybercriminals and malicious insiders are determined to steal it. Meanwhile, customers...

    • Downloads: 852
  • For Security & Risk Professionals

    Report:Twelve Recommendations For Your Security Program In 2014

    Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

    Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state...

    • Downloads: 911
  • For Security & Risk Professionals

    Report:Defend Your Business From The Mutating Threat Landscape

    Business Case: The Security Architecture And Operations Playbook

    We may look back on 2011 and 2012 as the golden age of hacking. In 2011, we saw well-publicized and devastating attacks such as the one that brought down the Sony PlayStation Network (PSN). In 2012,...

    • Downloads: 1024
  • For Security & Risk Professionals

    Report:Confessions Of A QSA: The Inside Story Of PCI Compliance

    PCI (Payment Card Industry) compliance — a requirement for accepting credit card transactions — can be difficult. About 65% of global enterprises are still working on their PCI compliance...

    • Downloads: 932
  • For Security & Risk Professionals

    Report:Pull Your Head Out Of The Sand And Put It On A Swivel: Introducing Network Analysis And Visibility

    Essential Functionality For The Zero Trust Model Of Information Security

    In today's threat environment, the network perimeter has disappeared. Insiders are as insidious a threat as outsiders. In the past, the "trust but verify" model did not facilitate insight into...

    • Downloads: 1004
  • For Security & Risk Professionals

    Report:PCI X-Ray: Log Management

    To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

    • Downloads: 956
  • For Security & Risk Professionals

    Report:PCI Unleashed

    Using PCI As A Foundation For Security And Risk Management

    PCI is controversial. As with any business requirement, it has its good parts and bad parts. Too many companies spin their wheels and complain about what they perceive as the negative or unjust parts...

    • Downloads: 922
  • For Security & Risk Professionals

    Report:SOC 2.0: Virtualizing Security Operations

    Increase Efficiency, Lower Costs, And Improve Security

    Staffing the traditional security operations center (SOC) is expensive. Forrester anticipates that the SOC will become virtualized in the future, in a next-generation transformation that we call "SOC...

    • Downloads: 971
  • For Security & Risk Professionals

    Report:Defend Your Data From Cyberthreats With A Zero Trust Network

    Executive Overview: The Security Architecture And Operations Playbook

    We've all heard about the "evolving threat landscape." In biology, evolution is a process that takes millions of years to occur as a result of small changes in successive generations. Mutations, in...

    • Downloads: 684
  • For Security & Risk Professionals

    Report:Threat Alert: Wireless Is The New Internet

    Until the recent indictment of 11 people for hacking into retailers' wireless networks and stealing more than 40 million credit and debit card accounts, the focus of corporate network teams has been...

    • Downloads: 661
  • For Security & Risk Professionals

    Report:Applying Zero Trust To The Extended Enterprise

    Preparing Your Network For Any Device, Anywhere, Any Time

    You are part of an extended enterprise — a new extended ecosystem of customers, clouds, service providers, partners, supply chains, and empowered users. The business expects you, the security...

    • Downloads: 874
  • For Security & Risk Professionals

    Report:If You Don't Have IPS, You Deserve To Be Hacked

    In the beginning was the alert, but the alert drove everyone crazy so the IT staff quit looking at the logs. That long-gone era represents the glory days of intrusion detection systems (IDS)....

    • Downloads: 710
  • For Security & Risk Professionals

    Report:PCI X-Ray: Firewalls

    To effectively deal with the broad and complex requirements of Payment Card Industry (PCI) data security, you need to break the elements apart to provide enhanced clarity. We've designed the PCI...

    • Downloads: 760