Senior Analyst
Brian is a senior analyst at Forrester serving security and risk professionals. He covers cyber threat intelligence, vulnerability risk management, and industrial control system security. In this role, Brian helps organizations identify, assess, and prioritize cyber and physical threats; prepare for emerging attack vectors; and reduce cyber risk in enterprise IT and operational technology (OT) environments.
Brian has over 15 years of military intelligence and cyber threat experience. Prior to joining Forrester, Brian performed cyber intelligence analysis for the Southern Company, one of the largest critical infrastructure asset owners in the US. Previously, Brian was a consultant at Secureworks where he helped build a cyber threat intelligence program for a large financial services client. Brian has published two papers on cyber threat intelligence for SANS and has spoken at SANS Atlanta.
Prior to entering the information security field, Brian spent many years on active duty in the US Army, including a deployment to Afghanistan where he provided tactical intelligence support to US Army special forces teams building local security forces. Brian is qualified as an Army cyber operations planner. He continues to serve in the US Army Reserve supporting the Army’s future force modernization enterprise.
Brian has a BS from Georgia Tech, an MS from Georgia State University, and an MS in information security engineering from the SANS Technology Institute. He also holds the Certified Information Systems Security Professional (CISSP) certification and eight Global Information Assurance Certification (GIAC) certifications.
Threat intelligence is increasingly critical to firms' ability to manage cyber risk and build resilient security programs. To accelerate their threat intelligence...
11 min readRemote work has caused massive shifts in how workers use technology, and traditional approaches to endpoint governance have failed due to an outdated focus...
10 min readIn our 26-criterion evaluation of external threat intelligence services providers, we identified the 12 most significant ones — CrowdStrike, Digital Shadows...
13 min readIn light of the 2020 SolarWinds compromise that affected a substantial number of US government agencies, Microsoft, and FireEye, it's tempting in 2021...
10 min readAn effective security architecture requires insights into your organization's threat landscape, but many S&R professionals are disappointed in the results...
19 min readWebinar: Complete Your Threat Intelligence Collection Plan: Lessons From The Forrester Wave™