Chris Sherman

Senior Analyst Serving Security & Risk Professionals

Read Chris's blog posts

Chris is a senior analyst serving Security & Risk (S&R) Professionals. His research focuses on helping S&R pros make strategic decisions regarding endpoint security (laptops, PCs, smartphones, and tablets) and data privacy, such as how to secure employee-owned devices while meeting industry compliance standards. Chris also leads Forrester's healthcare infosec coverage and has published multiple reports on budgets, priorities, and best practices within the areas of healthcare security and medical device security.

Previous Work Experience

Prior to his role as an analyst, Chris was a researcher on the S&R team, where he helped Forrester clients with insights and best practices in endpoint security, mobile security, cloud security, and data privacy. Chris joined Forrester from Harvard Medical School, where he served as a research associate based at Massachusetts General Hospital. He brings with him an extensive background in scientific research, quantitative analysis, and project management.

Education

Chris received his B.A. degree in psychology from the University of Maine.

Print Bio

Chris Sherman

Senior Analyst Serving Security & Risk Professionals

Read Chris's blog posts

Previous Work Experience

Education

Chris received his B.A. degree in psychology from the University of Maine.

Research Coverage

Chris Sherman's Research

Most RecentMost Popular

For Security & Risk Professionals

REPORT: The Forrester Wave™: Endpoint Security Suites, Q2 2018

The 15 Providers That Matter Most To Enterprises And How They Stack Up

June 21, 2018Chris Sherman, Salvatore Schiano

In our 21-criteria evaluation of endpoint security suite providers, we identified the 15 most significant ones — Bitdefender, Carbon Black, Check Point, Cisco, CrowdStrike, Cylance, ESET, Ivanti, Kaspersky Lab, Malwarebytes, McAfee, Microsoft, Sophos, Symantec, and Trend Micro — and researched, analyzed, and scored them. This report shows how each provider measures up to help security professionals make the right choice.
For Security & Risk Professionals

REPORT: Now Tech: Mobile Security, Q1 2018

Forrester's Overview Of 20 Mobile Security Providers

March 15, 2018Chris Sherman

You can use mobile security tools to enable employees to be productive, serve customers, generate revenue, and maintain a competitive edge, even as targeted attacks threaten your assets and information. But to access these benefits, you'll first have to select from a diverse set of vendors — vendors that vary by size, product functionality, geography, and vertical market focus. Security professionals can use Forrester's Now Tech report to understand the value you can expect from a mobile security provider and select the vendors based on available functionality.
For Security & Risk Professionals

REPORT: The State Of Endpoint Security, 2018

New Threats Are Driving Technology Consolidation

February 5, 2018Chris Sherman, Salvatore Schiano

Every year, Forrester surveys thousands of security decision makers and information workers around the world. This report examines endpoint security spending and adoption patterns, helping security leaders benchmark their 2018 plans against those of their peers. It also highlights the most important trends that will affect the endpoint security industry in 2018 and beyond.
For Security & Risk Professionals

REPORT: The US Healthcare Security Benchmark 2017 To 2018

Healthcare Providers Must Improve Security For Digital Transformation

January 17, 2018 Salvatore Schiano, Chris Sherman

IT security budgets at US healthcare organizations have lagged behind other industries. In a highly regulated industry, budget constraints have made compliance challenging and impeded security maturity. Yet ongoing regulatory pressure, increased targeted attacks, and healthcare technology innovation demand much higher levels of security maturity. This report examines industry trends, dissects healthcare security budgets and challenges, and provides recommendations to help healthcare security leaders benchmark their efforts and prioritize initiatives.
For Security & Risk Professionals

REPORT: Windows 10 Finally Delivers On Microsoft's Security Promises

A Guide For Taking Full Advantage Of Windows 10 Security And Privacy Features

October 20, 2017Chris Sherman, Heidi Shey, Salvatore Schiano

Microsoft Windows 10 offers many new native security and privacy capabilities that potentially reduce organizations' reliance on third-party endpoint security solutions. When taken together, these capabilities improve the risk posture of your endpoint environment and significantly reduce exposure to OS- and application-level exploits. This report explains to risk and security professionals the best ways to utilize the new Windows 10 security features while keeping users' privacy intact.

For Security & Risk Professionals

REPORT: Define A Compelling Strategy To Secure And Protect Mobile Moments

February 14, 2017 Laura Koetzle, Chris Sherman, Michele Pelino

This report helps security and risk (S&R) leaders develop comprehensive strategic mobile security plans to secure and protect both employees' and customers' mobile moments — without degrading the quality of those experiences. Developing a comprehensive mobility strategy requires S&R leaders to: 1) collaborate with executives and decision-makers across the business; 2) communicate the need for a comprehensive mobile strategy; 3) understand current and future mobility requirements; and 4) develop and document a future road map. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.
For Security & Risk Professionals

REPORT: Forrester's 2017 Interactive Data Privacy Heat Map

Landscape: The Data Security And Privacy Playbook

September 14, 2017 Enza Iannopollo, Chris Sherman, Heidi Shey, Alexander Spiliotes

To help S&R professionals navigate the complex landscape of privacy laws around the world, Forrester created the Data Privacy Heat Map, which explains the data protection guidelines and practices for 54 countries. It also covers government surveillance, cross-border data transfers, regulatory enforcement, and data center locations around the globe. Due to the dynamic nature of data protection legislation, we update the interactive tool whenever there are significant changes to relevant legislation. We also conduct an annual comprehensive review and update.
For Security & Risk Professionals

REPORT: Ransomware Protection: Five Best Practices

Harden Your Defenses Now For This Growing Threat

July 27, 2017Chris Sherman, Salvatore Schiano

Ransomware is holding enterprises hostage. Recent outbreaks from variants such as WannaCry and Petya have many security and risk (S&R) pros wondering if they can prevent this growing threat. By focusing on the basics and implementing proper controls, however, S&R pros can slow the ransomware spread. This report explains the rise of ransomware and examines strategies for preventing it — or recovering from it if you become a victim. Learn best practices to avoid facing an unnerving decision of whether to negotiate with cyberterrorists.
For Security & Risk Professionals

REPORT: Define A Road Map For Mobile Security And Operations

May 16, 2012Benjamin Gray, Chenxi Wang, Christian Kane, Chris Sherman

This report outlines the road map of Forrester's solution for security and risk (S&R) executives working with their counterparts in infrastructure and operations (I&O) to build a five-year technology road map for mobile security and operations. The emergence of smartphones and tablets in the enterprise is completely changing IT's relationship with the business, moving from a technology-centric to a user-centric point of view. In this new world, user experience and self-service become fundamental tenets of any mobile strategy to enable bring-your-own-device (BYOD) programs and combat rogue IT initiatives. This report focuses on how IT professionals from both S&R and I&O can adapt to this significant shift and how to build an effective five-year road map for mobility.
For Security & Risk Professionals

REPORT: Twelve Recommendations For Your Security Program In 2014

Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

February 5, 2014Andrew Rose, Stephanie Balaouras, John Kindervag, Ed Ferrara, Eve Maler, Andras Cser, Heidi Shey, Rick Holland, Tyler Shields, Chris Sherman

Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state of the industry, major upcoming shifts in the security technology landscape, and the anticipated business and technology changes that will affect organizations around the world, all based on thousands of client inquiries and engagements. Our 2014 recommendations fall into four major themes: 1) building customer trust; 2) securing mobile experiences; 3) coping with big data; and 4) paving the way for successful digital disruption. This report outlines each recommendation and explains how to take advantage of these trends to elevate your position in the organization.