Forrester

For Security & Risk Professionals

Client Inquiry:How Should We Determine Appropriate Application Security?

Which apps require more security versus less security?

For Security & Risk Professionals

Client Inquiry:Should We Use OAuth For A Single Security Domain?

My organization is just beginning to externally expose services for our first native mobile application. We currently have a single sign-on (SSO) security infrastructure for our web applications....

For Security & Risk Professionals

Client Inquiry:What Is Forrester's Perspective On Voice-As-PIN And Retinal Security?

Do you have any thoughts on using voice-as-PIN and retinal security, from a security perspective as well as an end user customer-experience perspective?

For Security & Risk Professionals

Client Inquiry:What Is Forrester's Analysis On Biometric Signatures?

We are interested in understanding more about biometric signatures. What is your view of these technologies?

For Security & Risk Professionals

Client Inquiry:How Should We Select Unified Threat Management Vendors?

We are in the process of selecting unified threat management (UTM) vendors. We have completed a decision analysis based on a technical needs assessment, but we need help narrowing down our vendors....

For Security & Risk Professionals

Report:Navigate The Future Of Compliance And Risk Management

Vision: The Governance, Risk, And Compliance Playbook

This report outlines the future look of Forrester's solution for security and risk (S&R) executives working to build their organization's governance, risk, and compliance (GRC) program. We designed...

• Downloads: 483

For Security & Risk Professionals

Tool:Forrester Wave™: Managed Security Services: North America, Q1 2012

For Security & Risk Professionals

Tool:Forrester Wave™: Emerging Managed Security Service Providers, Q1 2013

For Security & Risk Professionals

Blog:Observations From Black Hat - More Defense Please

Last week I had the opportunity to attend the 15th annual Black Hat security conference in Las Vegas. I have attended DEFCON in the past, but never Black Hat. The conference has grown significantly...

For Security & Risk Professionals

Report:The 15 Most Important Questions To Ask Your Cloud Identity And Access Management Provider

During the past three years, cloud-based identity and access management (IAM) solutions have become a viable and cost-effective alternative to on-premises, commercial off-the-shelf (COTS), or...

• Downloads: 194
• Comments: 3
• Rating:

For Security & Risk Professionals

Report:Understand The State Of Network Security: 2012 To 2013

Benchmarks: The Security Architecture And Operations Playbook

Throughout the year, Forrester analysts engage in hundreds of discussions with vendors and end users about security architecture and operations. Analysis of B2B survey data from Forrester's...

• Downloads: 528
• Rating:

For Security & Risk Professionals

Tool:Capture Information Security Costs

For Security & Risk Professionals

Report:Address Complexity With Mobile Security And Operations

Strategic Plan: The Mobile Security And Operations Playbook

This report outlines the strategic vision of Forrester's solution for security and risk (S&R) and infrastructure and operations (I&O) executives leading the development of their firm's mobile...

• Downloads: 616
• Rating:

For Security & Risk Professionals

Blog:The Psychology Of Bad News

  Last night I stumbled across a documentary on BBC2 (content only available to UK residents – sorry!) about the human brain. One section talked about how the brain perceived risk issues...

For Security & Risk Professionals

Client Inquiry:What Are Current Trends In Remote Access And SSL Functionality?

We are currently exploring all remote access options, particularly SSL functionality. What kind of trends are you are seeing in these areas?

For Security & Risk Professionals

Blog:Crowdsourcing my RSA panels

The San Francisco RSA conference is now less than two weeks away, and this year I am moderating two great panels. I thought I'd reach out and solicit suggestions for discussion.  ...

For Security & Risk Professionals

Blog:Implement A Successful GRC Program With Forrester's Governance, Risk, and Compliance Playbook

I’m proud to announce that this week Forrester launched our Governance, Risk, and Compliance Playbook, a collection of in-depth reports covering the critical information you need to implement a...

For Security & Risk Professionals

Report:Define A Road Map For Mobile Security And Operations

Road Map: The Mobile Security And Operations Playbook

This report outlines the road map of Forrester's solution for security and risk (S&R) executives working with their counterparts in infrastructure and operations (I&O) to build a five-year technology...

• Downloads: 1137
• Rating:

For Security & Risk Professionals

Blog:CISOs Must Act As The Glue Between BC, DR, And Security

During the past three years, you may have noticed that security and risk professionals have added a new term to their lexicon – business resiliency. Is this just an attempt by vendors to...

For Security & Risk Professionals

Blog:Expense In Depth And The Trouble With The Tribbles

You remember the tribbles don't you? The cute, harmless looking alien species from the second season of the original Star Trek that turn out to be anything but benign. They are born pregnant and...

For Security & Risk Professionals

Report:Strategy Deep Dive: Define Your Data

Rethinking Data Discovery And Classification For Data Security

Defining data via data discovery and classification is an often overlooked, yet critical, component of data security and control. Security and risk (S&R) pros can't expect to adequately protect data...

• Downloads: 185
• Rating:

For Security & Risk Professionals

Blog:Blending Cloud IAM Delivery Flavors: Convergence Of In-House And IAM Suite Offerings

Today we see two basic flavors of cloud IAM. One archetype is the model offered by Covisint, VMware Horizon, Symplified, Okta, OneLogin, etc.: these vendors provide relatively tight integration, but...

For Security & Risk Professionals

Report:The 2012 Consumer Security Market Landscape: Key Dynamics And Growth Opportunities

Freeware solutions, device proliferation, consumerization, the app Internet, and new entrants offering adjacent consumer privacy and security offerings have and will continue to change consumer...

• Downloads: 279

For Security & Risk Professionals

Client Inquiry:What Is The Industry-Standard Definition Of "Intrusion"?

I'm looking for an industry-standard definition of an "intrusion," including examples, scope, and scale if applicable. We have reporting obligations to the FBI and DSS for cyber intrusions.

For Security & Risk Professionals

Blog:How Will The Extended Enterprise And Zero Trust Identities Impact Your Identity Administration Processes?

We regularly get inquiries from companies that feel the need to restructure their access controls to support extended enterprise user populations: firms have to support employees, contractors,...