Rick Holland

Principal Analyst serving Security & Risk PROFESSIONALS

Rick Holland is a principal analyst at Forrester Research, where he serves Security & Risk Professionals. Rick works with senior information security leadership, providing strategic guidance on security architecture, security operations, and data privacy. His research focuses on incident response, threat intelligence, vulnerability management, email and web content security, and virtualization security. Rick speaks at security events including the RSA conference and SANS summits. He is regularly quoted in the media and is a frequent guest lecturer at the University of Texas at Dallas.

Previous Work Experience

Prior to joining Forrester, Rick was a solutions engineer with a national information security reseller and service provider. He advised Fortune 500 clients on security strategy and architected enterprise security solutions. Before that, he worked in both higher education and the home building industry, where he focused on intrusion detection, incident handling, and forensics. Rick also served as an intelligence analyst in the US Army stationed in the US, Europe, and the Middle East.

Education

Rick holds a B.S. in business administration with an MIS concentration (cum laude) from the University of Texas at Dallas. Rick is also a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), and a GIAC Certified Incident Handler (GCIH).

Refine your results

Date Range

Methodology

Industry

Topics

Market Imperatives

Region

Vendor

39 results in Reports

  • Rick Holland
  • For Security & Risk Professionals

    Report:Twelve Recommendations For Your Security Program In 2015

    Political Instability And Cyberterrorism Raise The Security Stakes For Digital Businesses

    Each winter, Forrester outlines 12 important recommendations for your security strategy for the coming year. We base these recommendations on thousands of client inquiries and interactions,...

    • Downloads: 238
  • For Security & Risk Professionals

    Report:Planning For Failure

    An Effective Incident Management Program Is Essential To Help You Stay In Business

    S&R pros, it's not a question of if — but when — your organization will experience a serious security breach. Cybercriminals are using more sophisticated and targeted attacks to steal...

    • Downloads: 992
  • For Security & Risk Professionals

    Report:Forrester's Targeted-Attack Hierarchy Of Needs: Assess Your Core Capabilities

    Assessment: The Security Architecture And Operations Playbook

    Targeted attacks continue to plague organizations, and these intrusions damage the brand, customer loyalty, and margins. Preparing for and responding to these attacks requires a focused and resolute...

    • Downloads: 690
  • For Security & Risk Professionals

    Report:Quick Take: Sony Breach — A Sad Tale Of Epic Failure That Could Have Been Avoided

    Businesses Must Prepare For Politically And Socially Motivated Cyberattacks And Cyberespionage

    Although we are in the early stages of Sony Pictures Entertainment's (SPE's) catastrophically embarrassing intrusion, there are still many lessons that security and risk (S&R) professionals can take...

    • Downloads: 286
  • For Security & Risk Professionals

    Report:Quick Take: Cisco Acquires Neohapsis

    Deal Will Expand Cisco's Capabilities In Application, Cloud, And Mobile Security

    Cisco Systems announced this week its intent to acquire closely held Chicago-based Neohapsis, a decision that will substantially broaden Cisco's consulting capabilities. Most notably, the acquisition...

    • Downloads: 39
  • For Security & Risk Professionals

    Report:Transform Your Security Architecture And Operations For The Zero Trust Ecosystem

    Landscape: The Security Architecture And Operations Playbook

    Forrester's Zero Trust Model of information security banishes the old security motto of "trust but verify" and replaces it with a new motto: "Verify but never trust." When you're trying to protect...

    • Downloads: 829
  • For Security & Risk Professionals

    Report:Job Description: Security Architect

    Organization: The Security Architecture And Operations Playbook

    We designed this report for security and risk (S&R) executives who are rethinking their security architecture and working to improve the effectiveness of their operations, to help them hire one of...

    • Downloads: 906
  • For Security & Risk Professionals

    Report:Know Your Adversary

    Five Steps To Incorporate Adversary Intelligence Into Your Cybersecurity Program

    In February 2013, incident management and forensics expert Mandiant issued a report exposing the identities of three members of a cyberespionage group known as APT1. Then in May 2014, the US...

    • Downloads: 199
  • For Security & Risk Professionals

    Report:Quick Take: Proofpoint Acquires Nexgate

    Acquisition Signals A Maturing Social Risk And Compliance Market, But Proofpoint Still Has 'Points To Prove'

    On October 23, 2014, Proofpoint announced that it had acquired social risk and compliance (SRC) vendor Nexgate for approximately $35 million. While smaller than other security or social media vendor...

    • Downloads: 51
  • For Security & Risk Professionals

    Report:Quick Take: BAE Systems Buys SilverSky

    Acquisition Extends BAE's Analytics And Threat Intelligence Into Commercial Markets

    BAE Applied Intelligence — a subsidiary of BAE Systems — has made the next logical step to operationalize its security analytics and threat intelligence offerings by acquiring managed...

    • Downloads: 60
  • For Security & Risk Professionals

    Report:Quick Take: Symantec Splits In Two

    Splitting Is Symantec's Best Opportunity To Refocus, Innovate, And Compete

    On October 9, 2014, Symantec announced that it will separate into two independent, publicly traded companies. Recently appointed CEO, Michael Brown, will stay on as CEO of Symantec, which will market...

    • Downloads: 133
  • For Security & Risk Professionals

    Report:Brief: Apple Throws Down The Privacy Gauntlet

    Apple Offers New Commitment And Tech To Protect Privacy, But It Needs To Go Much Further

    On September 17, 2014, Apple's chief executive officer, Tim Cook, published a letter detailing Apple's commitment to customer privacy. The unfortunate timing of Apple's highly public and embarrassing...

    • Downloads: 63
  • For Security & Risk Professionals

    Report:Use Actionable Threat Intelligence To Protect Your Digital Business

    Threat Intel Must Have Business Alignment, Relevance, And Integration To Be Effective

    Threat intelligence is one of the most over-hyped capabilities within information security today. Ask five different security vendors what actionable threat intelligence means and you will...

    • Downloads: 311
  • For Security & Risk Professionals

    Report:Forrester's Targeted-Attack Hierarchy Of Needs: Assess Your Advanced Capabilities

    Multiple Technologies Are Required For Breach Detection

    In part 1 of our research series, we detailed the foundational requirements for building the necessary resiliency to targeted cyberattacks. With the foundational requirements in place, security and...

    • Downloads: 430
  • For Security & Risk Professionals

    Report:Brief: S&R Pros Can No Longer Ignore Threats To Critical Infrastructure

    When Selecting Security Vendors, Look For Specialized Industry Expertise

    For years, security and risk (S&R) professionals have focused almost exclusively on protecting the organization's sensitive information resources, such as customer data, intellectual property, and...

    • Downloads: 169
  • For Security & Risk Professionals

    Report:Develop A Two-Phased DDoS Mitigation Strategy

    Protect Yourself From Hacktivists And Other Cybercriminals

    Until recently, distributed denial of service (DDoS) attacks had been part of infosec lore: something you heard about but rarely experienced. With the rise of hacktivist groups and other...

    • Downloads: 584
  • For Security & Risk Professionals

    Report:Brief: Proofpoint Strengthens Its Targeted Attack Defense With NetCitadel Acquisition

    Acquisition Is Proof That You Must Integrate Advanced Detection With Incident Response

    On May 20, 2014, Proofpoint announced that it had acquired Silicon-Valley-based startup NetCitadel, a privately owned incident response company, for approximately $24 million in cash. While small,...

    • Downloads: 70
  • For Security & Risk Professionals

    Report:Defend Your Data From Cyberthreats With A Zero Trust Network

    Executive Overview: The Security Architecture And Operations Playbook

    We've all heard about the "evolving threat landscape." In biology, evolution is a process that takes millions of years to occur as a result of small changes in successive generations. Mutations, in...

    • Downloads: 829
  • For Security & Risk Professionals

    Report:Quick Take: Cisco Acquires ThreatGrid, Bolstering Advanced Malware Protection

    Cisco Broadens A Strong Portfolio But Still Needs To Better Explain Its Overall Security Product Road Map

    On May 20, 2014, Cisco Systems announced its intention to acquire privately-held dynamic malware analysis company ThreatGrid for an undisclosed amount. This acquisition enhances Cisco Systems'...

    • Downloads: 95
  • For Security & Risk Professionals

    Report:Brief: S&R Pros Remain Unprepared To Address Virtualization And Cloud Security Risks

    S&R Pros Must Accelerate Their Knowledge, Skills, And Approach To Avoid Failure

    For years, infrastructure and operations (I&O) leaders have embraced virtualization as a means to achieve consolidation and cost savings. Today, virtualization offers more than just cost savings: It...

    • Downloads: 254
  • For Security & Risk Professionals

    Report:Top 15 Trends S&R Pros Should Watch: 2014

    Each year, analysts from across Forrester's security and risk research team draw insight from our hundreds of enterprise questions, vendor briefings, and consultations; the 25-plus research projects...

    • Downloads: 671
  • For Security & Risk Professionals

    Report:Quick Take: Stem The "Heartbleed"

    How To Fix A Broken OpenSSL Implementation And What To Do While Everyone Else Fixes Theirs

    To secure eCommerce, banking, healthcare, and other high-risk transactions, many security pros use the secure socket layer/transport layer security (SSL/TLS) protocol to encrypt sensitive information...

    • Downloads: 393
  • For Security & Risk Professionals

    Report:Quick Take: Palo Alto Networks Acquires Cyvera

    Palo Alto Extends Its Reach To The Endpoint

    On March 24, 2014, Palo Alto Networks announced an agreement to acquire Cyvera, a privately held endpoint security company, for approximately $200 million. With the acquisition, Palo Alto Networks...

    • Downloads: 98
  • For Security & Risk Professionals

    Report:Quick Take: Bit9 And Carbon Black Merge

    Bit9 With Carbon Credits Is An Impressive Endpoint Security Play

    On February 13, 2014, Bit9 announced that it had merged with endpoint incident response startup Carbon Black, for an undisclosed amount. Bit9 also announced that it had raised $38.25 million to fuel...

    • Downloads: 108
  • For Security & Risk Professionals

    Report:Twelve Recommendations For Your Security Program In 2014

    Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

    Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state...

    • Downloads: 1011