For Security & Risk Professionals

Web Application Firewall: 2010 And Beyond

WAF+ Finds Its Place In Firms' Network Infrastructure

by Chenxi Wang, Ph.D., February 8, 2010

...detect and block real-time exploits or attack attempts, and to enforce security policies based on attack signatures, protocol standards, and anomaly detection. Forrester sees...

For Security & Risk Professionals

Security Organization Trends 2010

by Khalid Kark, Jonathan Penn, February 4, 2010

...Security Organization Trends 2010 (.ppt

For Security & Risk Professionals

Shift Happened In The Strong Authentication Market In 2009

Key Vendors Made Dramatic Moves And Are Looking At A Cloudy Future

by Bill Nagel, February 1, 2010

...growth . . . Data from Forrester's annual Business Data Services Enterprise And SMB Security Survey show a small uptick (a few percentage points) in enterprise adoption...

For Security & Risk Professionals

Market Overview: Entitlement Management

Hope For Centrally Managing The Chaos Of SharePoint Permissions

by Andras Cser, February 1, 2010

...decentralized authorizations are difficult and expensive to manage. In recent interviews with security and risk management professionals, we consistently heard that they struggle with disparate...

For B2B Market Research Professionals

The State Of Enterprise IT Security And Emerging Trends: 2009 To 2010

Business Data Services North America And Europe

by Jonathan Penn, January 25, 2010

NORTH AMERICAN AND EUROPEAN ENTERPRISE IT SECURITY OUTLOOK FOR 2010IT security investment and adoption fared relatively well in 2008...

For Vendor Strategy Professionals

The State Of SMB IT Security And Emerging Trends: 2009 To 2010

Business Data Services North America And Europe

by Jonathan Penn, January 25, 2010

NORTH AMERICAN AND EUROPEAN SMB IT SECURITY OUTLOOK FOR 2010IT security investment and adoption fared relatively well in 2008...

For Security & Risk Professionals

Own Nothing. Control Everything.

Five Security Patterns For Securing Data On Devices You Don't Own

by Andrew Jaquith, January 22, 2010

SENSITIVE DATA SPREADS TO NON-COMPANY-OWNED PCSThe enterprise security perimeter is quickly dissolving. Business-sensitive data on outside, non-IT-controlled...

For Technology Product Management & Marketing Professionals

As IaaS Cloud Adoption Goes Global, Tech Vendors Must Address Local Concerns

Infrastructure-As-A-Service Clouds Are Local, And So Are Their Implications

by Jennifer Belissent, Ph.D., January 15, 2010

...with scores of 6.59 and 5.12, respectively. (see endnote 3) Security concerns also come into play. According to the "Symantec Global Internet Security...

For Security & Risk Professionals

Market Overview: E-Signatures In 2010

Straight-Through Processing And Legally Binding Approvals Enable Enterprise Flexibility And Cost Savings

by Bill Nagel, January 15, 2010

FINANCIAL, SECURITY, AND REGULATORY CONCERNS ARE DRIVING E-SIGNATURE ADOPTIONElectronic signatures are gaining momentum...

For Security & Risk Professionals

Twelve Recommendations For Your 2010 Information Security Strategy

by Khalid Kark, January 11, 2010

SECURITY AND RISK PROFESSIONALS FACE UNPRECEDENTED LEVELS OF CHANGESecurity and risk professionals have...

For Security & Risk Professionals

PCI Unleashed

Using PCI As A Foundation For Security And Risk Management

by John Kindervag, January 11, 2010

PCI IS A DISRUPTIVE FORCE IN INFORMATION SECURITYThe Payment Card Industry Data Security Standard (PCI DSS) has swept through the global business community like a...

For Security & Risk Professionals

Trends 2010: Governance, Risk, And Compliance Aim To Support A Controlled Recovery

by Chris McClean, January 7, 2010

...regardless of industry or location. For example, new rules adopted by the Securities and Exchange Commission (SEC) will require public companies to disclose details of...

For Security & Risk Professionals

NAC Snapshot: Endpoint Fingerprinting

by Usman Sindhu, January 6, 2010

...providing guest access for noncorporate laptops and computing devices. Recently, however, many security professionals are asking us about managing non-compute endpoints, sometimes called "dumb...

For Security & Risk Professionals

Introducing ERM To IT Security And Risk

How Enterprise Risk Management Standards Can Work For IT

by Chris McClean, January 6, 2010

IT SECURITY CONTINUES TO STRUGGLE WITH RISK MANAGEMENTFor many organizations, privacy breaches, theft of...

For Infrastructure & Operations Professionals

European Telecom Operator Managed Services Deals Survey: H1 2009

by Phil Sayer, December 29, 2009

Forrester's seventh survey of managed services deals signed in Europe by telecom service providers reviews 812 contract wins recorded in the first half of 2009. The number of deals increased from the 476 that we tracked in H2 2008 and was by far the largest . . .

For Technology Sales Enablement Professionals

Industry Essential: Consumer Packaged Goods Industry

by George Lawrie, December 28, 2009

The consumer packaged goods (CPG) industry generates revenues of more than $2 trillion annually in the US alone, and the value of global brands is truly daunting with Coca-Cola estimated to have a brand worth $67 billion. Selling technology products and . . .

For Consumer Market Research Professionals

Technographics® Survey Highlight: Canadian Online Trust and Mobile Banking

North American Technographics® Financial Services, Media, And Marketing Online Survey, Q3 2009 (Canada)

by Corina Matiesanu, December 24, 2009

This highlight deck summarizes the key findings related to online trust and mobile banking from the North American Technographics Financial Services, Media, And Marketing Online Survey, Q3 2009 (Canada).

For eBusiness & Channel Strategy Professionals

Case Study: CIBC Bolsters Customer Trust By Deploying Trusteer Tools

by Edward Kountz, December 9, 2009

CIBC SOUGHT TO BOLSTER CLIENT TRUST BY ENHANCING BROWSER SECURITY CIBC is one of Canada's largest banks. It provides products and...

For Security & Risk Professionals

Case Study: Intel Implements People As The New Perimeter To Mitigate Social Computing Risks

by Khalid Kark, December 9, 2009

...of defense in mitigating the risks of Social Computing. The responsibility for security needs to shift from the technology itself to the people who manage...

For Security & Risk Professionals

PCI X-Ray: Physical Security

by John Kindervag, December 7, 2009

...with specific requirements of the PCI DSS. They are designed to provide security and risk professionals with guidance and transparency within the PCI arena, allowing...

For Vendor Strategy Professionals

Consumer Security Market Trends, 2009 To 2010: The Freeware Threat

by Jonathan Penn, December 4, 2009

...the consumer market. Vendors reap approximately $3 billion annually in the consumer security market. The major vendors spend millions in marketing and channel relationships to...

For Security & Risk Professionals

E-Signatures Q&A: Legalize It

Minimize The Risks Of Eliminating External-Facing Paper-Based Processes

by Bill Nagel, December 2, 2009

...This momentum is partly due to the need for improved governance and security brought on by regulatory requirements. However, several other factors are playing an...

For Security & Risk Professionals

Data Security Predictions For 2010

Grading Last Year's Predictions, Plus Five Trends For Next Year

by Andrew Jaquith, December 2, 2009

...and Europe seek guidance on the trends that will influence their data security strategies in 2010 and beyond. Last year, Forrester made six predictions about...

For Vendor Strategy Professionals

Consumer Security Market Trends, 2009 To 2010: Changing Channel And Partner Dynamics

by Jonathan Penn, November 30, 2009

MARKET PRESSURES CHANGE THE GO-TO-MARKET DYNAMIC The core consumer security market — antimalware — is largely a battle over market share rather than absolute...

For Security & Risk Professionals

Know Your Code: How Static Analysis Tools Make Applications More Secure

by Chenxi Wang, Ph.D., Andrew Jaquith, November 20, 2009

...YOU CONSIDER STATIC ANALYSIS Static analysis technologies inspect application code for potential security defects without actually executing the application. They do this by parsing source...