Allie Mellen

Principal Analyst

Forrester Bio

Author Insights

Blog

Breaking Down The US Executive Order To Protect Americans’ Sensitive Personal Data

Stephanie Liu February 29, 2024
Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.
Blog

Prescription For Change: Cybersecurity Outage Highlights Critical Vulnerabilities In Healthcare

Jeff Pollard February 23, 2024
A recent cybersecurity incident at Change Healthcare cause the pharmacy claims processors to take its systems offline. Learn the implication of this event and five things firms can do to prepare.
Blog

Tear Down The Tiered Analyst System In The SOC

Allie Mellen January 31, 2024
Learn how taking a new approach to how you position analysts in your security operations center (SOC) can reduce burnout and help build a deeper security talent pool.
Blog

Lessons Learned From Another Year Of Sponsoring Women To Attend S&R Forum

Allie Mellen December 21, 2023
Learn three key lessons from our partnership with Women in Security and Privacy (WISP) in sponsoring attendees at our Security & Risk Forum.
Blog

Retailers Are Being Barraged By Cyberattacks This Holiday Season — Prepare!

Allie Mellen December 14, 2023
Cyberattacks continue to threaten the availability of online shopping for retailers — and the profits that come from it. Retailers can take these three steps to defend against them, this holiday season and into 2024.
Blog

A New Dawn For VMware EUC And Carbon Black, But Not Without Risk

Andrew Hewitt December 8, 2023
Find out how Broadcom's plan to divest VMware’s EUC And Carbon Black businesses could impact customers and the market overall.
Blog

EDR Is Officially Out, And XDR Still Won’t Solve Your SIEM Problems

Allie Mellen November 28, 2023
Forrester predicted that endpoint detection and response (EDR) as we know it would be replaced by extended detection and response (XDR). That day has finally come. Learn the implications of that shift in this blog post.
Blog

VMware Customers: Brace For Impact

Tracy Woo November 22, 2023
With the VMware-Broadcom deal set for closing, what should you know? Learn five key things VMware customers can expect in the coming years.
Blog

The Top Five Things You Need To Know About How Generative AI Is Used In Security Tools

Allie Mellen October 24, 2023
Security leaders need to understand how generative AI is used in security tools and how it may change how their teams operate. Here are five highlights from a new report that will help.
Blog

Exposure Management Looks To Usurp Vulnerability Management, But Is The New Emperor Wearing Any Clothes?

Erik Nost October 16, 2023
Hans Christian Anderson’s classic tale of the emperor that gets duped into a fancy, new, and invisible wardrobe provides lessons in swindling, pride, and truth. It’s only when the emperor struts in front of the commoners that a child finally states, “Wait a minute — there’s nothing to this outfit. He’s not wearing anything.” As […]
Blog

Splunk Is Good For Cisco, But Cisco Needs To Convince Splunk Customers That Cisco Is Good For Them

Allie Mellen September 22, 2023
Find out what Cisco's $28 billion planned acquisition of Splunk could mean for both observability and security.
Blog

“The Blob” Is Poisoning The Security Industry

Allie Mellen September 20, 2023
“The Blob” in the security industry can prevent us from having the deep, real conversations about the actual issues practitioners are facing today. Find out how to avoid this.
Blog

Announcing The 2023 Forrester Security & Risk Scholarship — Apply Now!

Allie Mellen September 5, 2023
A few weeks ago, I spoke on a podcast with some of my former colleagues about my experiences in the security industry as a young woman. TL;DR: It’s not always great, and that’s true for many women in the industry. We showed that in our research on Best Practices: Recruiting, Retaining, And Advancing Women In […]
Blog

Black Hat USA 2023: Insights From Our Short Vegas Residency

Jeff Pollard August 21, 2023
Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]
Blog

Reap The Rewards Of Empathy, The Emotional Buoy Of Trust

Allie Mellen August 9, 2023
This week, we are thrilled to release new research: Build Trust And Lasting Emotional Bonds With Empathy. This report delves into empathy, one of the most critical of the seven levers of trust defined in the trust imperative.   Forrester defines empathy as: The perception that an organization is emotionally connected to its customers, employees, […]
Blog

Announcing The Detection And Response Development Lifecycle (DR-DLC) For Detection Engineering

Allie Mellen July 25, 2023
Too much data, monolithic software, and control issues. The security operations center is at a tipping point. Learn how following the detection and response development lifecycle framework can help your SOC get beyond it.
Blog

The Busy Security Leader’s Guide To The National Cybersecurity Strategy Implementation Plan

Allie Mellen July 14, 2023
Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]
Blog

Key Findings From Forrester’s 2022 Data Breach Benchmarks

Allie Mellen July 10, 2023
Every year, Forrester fields the Forrester Analytics Business Technographics® Security Survey, which provides insight into security decision-makers’ current state, challenges, and forward-looking priorities. We analyzed the 2022 data to assess data breaches across seven primary industries: manufacturing; retail and wholesale; business services and construction; utilities and telecommunications; financial services and insurance; public sector and healthcare; and […]
Blog

Introducing Detection Surface, The Cybersecurity Defense That Parallels Attack Surface

Allie Mellen June 26, 2023
On traditional infrastructure (laptops, servers, workstations, on-premises network infrastructure), the attack surface was the closest match to true perimeter-based defense we could get. The network infrastructure gave access to the systems within (crunchy outside; gooey, cubicle, khakis, and blue button-downs inside). As such, detection of attacker activity was relegated to network-based activity, endpoint-based activity, and […]
Blog

VRM And SOC Teams Can Benefit From Each Other

Erik Nost June 5, 2023
We’re excited to announce our latest research on vulnerability risk management (VRM) and security operations center (SOC) teams. VRM and SOC teams are pivotal parts of the security organization, with different responsibilities but shared challenges. When Allie and I kicked off our research on interlocks between these teams earlier this year, we weren’t sure what […]
More posts