Once a month, my co-research director and partner in crime, Chris McClean, and I will use our blog to highlight one of the 26 people who collaborate to deliver our team’s research and services and always make Chris and I look really, really good. Each “Analyst Spotlight” includes an informational podcast and an offbeat interview with the analyst. This month’s Analyst Spotlight features our newest analyst, Martin Whitworth. Based in London and bringing experience as a CISO and Head of Security across several industries, Martin will cover the most pressing issues keeping CISOs reaching for another bourbon on the rocks, including security strategy, maturity, skills and staffing, business alignment, and everyone’s favorite pastime, reporting to the board. 
Martin Whitworth Image Prior to joining Forrester, Martin served as CISO and senior security leader for a number of blue chip organizations, including Coventry Building Society, Steria Group, UK Payments Council, British Energy/EDF Nuclear Generation, and GMAC. In these roles, he developed and executed a variety of security strategies and programs, and he has extensive experience successfully engaging business and board-level stakeholders. He also has considerable experience as a trusted advisor to security leader peers in the public and private sectors internationally, as well as advising standards and regulatory bodies.
Listen to this month’s podcast to learn about the challenges Martin faced as a CISO, his experience as a CISO in the nuclear energy sector, and his predictions for what previously minor issues will occupy more of CISOs’ time in the near future.

To download the MP3 version of the podcast, click here.


What is your favorite security product or technology?

It has to be cryptography! As a mathematician I can't help but be fascinated by the elegance of well-designed cryptographic protocols (sad, I know!). And, as an end user, we just wouldn't be able to transact securely online without it.

What was your first job?

If we ignore weekend work whilst at school, then my first experience of real work was during my university vacations when I worked in a small engineering company that made bespoke engines for racing cars, including the Ford Escort Rally team. My roles were mainly to machine magnesium cam case covers and try not to set the place on fire!


What is one simple thing that a person can do to increase security on his or her phone or computer in less than 10 minutes?

That's easy — if you want to be truly secure, then don't connect your devices to any networks! Seriously, make sure that you apply security patches/fixes.


What’s your favorite book related to security?

There are so many great books related to security. My current favourite is Neal Stephenson's Cryptonomicon, which flip-flops between the code-breaking activities of the Second World War and the challenges of the first Internet bubble in the late 1990s.


What’s your best piece of advice for someone looking to break into the security and risk field?

Quite simply, go for it! Get involved in any way that you can, try to find a mentor or two, and don’t be afraid to make mistakes!

Martin is off to a fast start at Forrester. His first report is already live, and Forrester clients can read it by clicking on the link below:

Security Leaders, Earn Your Seat At The Table



New to the podcast and want to hear more? Check out our past interviews with analysts Merritt MaximJohn KindervagEd FerraraHeidi SheyRenee Murphy, and Tyler Shields.