Chris Sherman

Senior Analyst Serving Security & Risk Professionals

Read Chris's blog posts

Chris is a senior analyst serving Security & Risk (S&R) Professionals. His research focuses on helping S&R pros make strategic decisions regarding endpoint security (laptops, PCs, smartphones, and tablets) and data privacy, such as how to secure employee-owned devices while meeting industry compliance standards. Chris also leads Forrester's healthcare infosec coverage and has published multiple reports on budgets, priorities, and best practices within the areas of healthcare security and medical device security.

Previous Work Experience

Prior to his role as an analyst, Chris was a researcher on the S&R team, where he helped Forrester clients with insights and best practices in endpoint security, mobile security, cloud security, and data privacy. Chris joined Forrester from Harvard Medical School, where he served as a research associate based at Massachusetts General Hospital. He brings with him an extensive background in scientific research, quantitative analysis, and project management.

Education

Chris received his B.A. degree in psychology from the University of Maine.

Print Bio

Chris Sherman

Senior Analyst Serving Security & Risk Professionals

Read Chris's blog posts

Previous Work Experience

Education

Chris received his B.A. degree in psychology from the University of Maine.

Research Coverage

Chris Sherman's Research

Most RecentMost Popular

For Security & Risk Professionals

REPORT: The Future Of Endpoint Protection, 2019 To 2024

Endpoint Security Will Focus On Apps' And Users' Behavior

January 24, 2019Chris Sherman

Security leaders have struggled for the past 20 years to balance effective endpoint security with good employee experience, and this challenge will only get tougher as attacks and technologies become more complex. In the next five years, security professionals will increasingly rely on native device security and application security controls to protect corporate users and assets. This report highlights the critical steps to take now to prepare for these future changes.
For Security & Risk Professionals

REPORT: The State Of Endpoint Security, 2019

Buyers Demand Better Product Efficacy And Integrated Data Security

January 22, 2019Chris Sherman, Salvatore Schiano

Every year, Forrester surveys thousands of security decision makers and information workers around the world. This report examines endpoint security spending and adoption patterns to help security leaders benchmark their 2019 plans against those of their peers. It also highlights the most important trends that will affect the endpoint security industry in 2019 and beyond.
For Infrastructure & Operations Professionals

REPORT: The Forrester Wave™: Unified Endpoint Management, Q4 2018

The 12 Providers That Matter Most And How They Stack Up

November 20, 2018 Andrew Hewitt, Chris Sherman

In our 28-criterion evaluation of unified endpoint management (UEM) providers, we identified the 12 most significant ones — BlackBerry, Cisco, Citrix Systems, IBM, Ivanti, Jamf, Kaspersky Lab, Matrix42, Microsoft, MobileIron, Sophos, and VMware — and researched, analyzed, and scored them. This report shows how each provider measures up and helps infrastructure and operations (I&O) professionals make the right choice.
For Security & Risk Professionals

REPORT: The Forrester Wave™: Endpoint Security Suites, Q2 2018

The 15 Providers That Matter Most To Enterprises And How They Stack Up

June 21, 2018Chris Sherman, Salvatore Schiano

In our 21-criteria evaluation of endpoint security suite providers, we identified the 15 most significant ones — Bitdefender, Carbon Black, Check Point, Cisco, CrowdStrike, Cylance, ESET, Ivanti, Kaspersky Lab, Malwarebytes, McAfee, Microsoft, Sophos, Symantec, and Trend Micro — and researched, analyzed, and scored them. This report shows how each provider measures up to help security professionals make the right choice.
For Security & Risk Professionals

REPORT: Now Tech: Mobile Security, Q1 2018

Forrester's Overview Of 20 Mobile Security Providers

March 15, 2018Chris Sherman

You can use mobile security tools to enable employees to be productive, serve customers, generate revenue, and maintain a competitive edge, even as targeted attacks threaten your assets and information. But to access these benefits, you'll first have to select from a diverse set of vendors — vendors that vary by size, product functionality, geography, and vertical market focus. Security professionals can use Forrester's Now Tech report to understand the value you can expect from a mobile security provider and select the vendors based on available functionality.

For Security & Risk Professionals

REPORT: Define A Compelling Strategy To Secure And Protect Mobile Moments

February 14, 2017 Laura Koetzle, Chris Sherman, Michele Pelino

This report helps security and risk (S&R) leaders develop comprehensive strategic mobile security plans to secure and protect both employees' and customers' mobile moments — without degrading the quality of those experiences. Developing a comprehensive mobility strategy requires S&R leaders to: 1) collaborate with executives and decision-makers across the business; 2) communicate the need for a comprehensive mobile strategy; 3) understand current and future mobility requirements; and 4) develop and document a future road map. This is an update of a previously published report; Forrester reviews and updates it periodically for continued relevance and accuracy.
For Security & Risk Professionals

REPORT: Forrester's 2017 Interactive Data Privacy Heat Map

September 14, 2017 Enza Iannopollo, Chris Sherman, Heidi Shey, Alexander Spiliotes

To help S&R professionals navigate the complex landscape of privacy laws around the world, Forrester created the Data Privacy Heat Map, which explains the data protection guidelines and practices for 54 countries. It also covers government surveillance, cross-border data transfers, regulatory enforcement, and data center locations around the globe. Due to the dynamic nature of data protection legislation, we update the interactive tool whenever there are significant changes to relevant legislation. We also conduct an annual comprehensive review and update.
For Security & Risk Professionals

REPORT: Ransomware Protection: Five Best Practices

Harden Your Defenses Now For This Growing Threat

July 27, 2017Chris Sherman, Salvatore Schiano

Ransomware is holding enterprises hostage. Recent outbreaks from variants such as WannaCry and Petya have many security and risk (S&R) pros wondering if they can prevent this growing threat. By focusing on the basics and implementing proper controls, however, S&R pros can slow the ransomware spread. This report explains the rise of ransomware and examines strategies for preventing it — or recovering from it if you become a victim. Learn best practices to avoid facing an unnerving decision of whether to negotiate with cyberterrorists.
For Security & Risk Professionals

REPORT: Define A Road Map For Mobile Security And Operations

May 16, 2012Benjamin Gray, Chenxi Wang, Christian Kane, Chris Sherman

This report outlines the road map of Forrester's solution for security and risk (S&R) executives working with their counterparts in infrastructure and operations (I&O) to build a five-year technology road map for mobile security and operations. The emergence of smartphones and tablets in the enterprise is completely changing IT's relationship with the business, moving from a technology-centric to a user-centric point of view. In this new world, user experience and self-service become fundamental tenets of any mobile strategy to enable bring-your-own-device (BYOD) programs and combat rogue IT initiatives. This report focuses on how IT professionals from both S&R and I&O can adapt to this significant shift and how to build an effective five-year road map for mobility.
For Security & Risk Professionals

REPORT: Twelve Recommendations For Your Security Program In 2014

Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

February 5, 2014Andrew Rose, Stephanie Balaouras, John Kindervag, Ed Ferrara, Eve Maler, Andras Cser, Heidi Shey, Rick Holland, Tyler Shields, Chris Sherman

Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state of the industry, major upcoming shifts in the security technology landscape, and the anticipated business and technology changes that will affect organizations around the world, all based on thousands of client inquiries and engagements. Our 2014 recommendations fall into four major themes: 1) building customer trust; 2) securing mobile experiences; 3) coping with big data; and 4) paving the way for successful digital disruption. This report outlines each recommendation and explains how to take advantage of these trends to elevate your position in the organization.