David Holmes

Senior Research Analyst

Forrester Bio

David Holmes

Author Insights

Blog

The Microsegmentation Plot Thickens

David Holmes May 10, 2023
Inquiries about microsegmentation (also called Zero Trust segmentation) have been rising steadily, especially since the start of the year. This is great, because it means people are getting serious about Zero Trust (microsegmentation is the super-serious part). All these phone calls are prompting me to share my latest thoughts on the subject, so here we […]
Blog

Insights From The 2023 RSA Conference: Generative AI, Quantum, And Innovation Sandbox

Allie Mellen May 2, 2023
RSAC 2023 is a wrap! The Forrester security and risk team had 11 attendees at the RSA Conference last week. We really enjoyed meeting with clients and colleagues old and new — and now we’re exhausted. It’s no mystery why; as a team, we collectively participated in over 230 meetings and took more than 1.5 […]
Blog

Decoding The New Zero Trust Terminology

David Holmes April 27, 2023
Over the last year, I’ve been scared of two things. Our research teams have been planning and publishing a ton of research around Zero Trust, and since we’re analysts, new terminology, and comorbid acronyms, have emerged. My first fear was that all these new terms would confuse both the readers and the market. The second […]
Blog

All Aboard: Chart Your Course To Zero Trust Intermediate

David Holmes March 9, 2023
Organizations around the world are embarking on their Zero Trust journeys. Often, these voyages are undertaken without a complete understanding of the destination: Zero Trust maturity. Reaching a level of Zero Trust maturity requires careful planning and a steady course to get there. Forrester recently published a report to help security and IT pros achieve […]
Blog

Enterprise Firewalls: The Security Tech That Keeps On Ticking

David Holmes December 20, 2022
Learn the three approaches enterprise firewall vendors are taking to work around a shortage of network security techs.
Blog

Has Zero Trust Killed Defense in Depth? Or “DiD” It Refine It?

Carlos Rivera December 12, 2022
Zero Trust (ZT) continues to make waves (no pun intended), with US federal agencies now publishing guidance, such as the OMB’s M-22-09 or the DoD’s ZT strategy, for effective implementations, allowing for the government to be viewed as a source of trust in cybersecurity — although ZT is still mired in myths, and these can […]
Blog

SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition

David Holmes March 15, 2022
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]
Blog

Nontraditional DDoS Attacks Are On The Rise

Heath Mullins March 10, 2022
If you have never heard of “DDoS amplification factor” prior to this week, you’re not alone. A new zero-day attack surfaced a vulnerability from an unlikely source: an internet-facing PBX (private branch exchange) system. Bad actors seized upon this opportunity to create a 4,294,967,296:1 amplification load. Yes, that’s 4 billion to one. This is a […]
Blog

OMB’s Zero Trust Strategy: Government Gets Good

David Holmes February 1, 2022
What a time to be alive! Hot on the heels of Forrester’s release of our definition of modern Zero Trust (ZT), the US Office of Management and Budget (OMB) released a memo entitled Moving the US Government Toward Zero Trust Cybersecurity Principles. Coincidence? Yes. A big deal? Also, yes. If executed as mandated, not only […]
Blog

The Definition Of Modern Zero Trust

David Holmes January 24, 2022
Zero Trust faces a bizarre dichotomy. Learn what it is — and perhaps more importantly what it isn't today.
Blog

Forcepoint Acquires Bitglass

Andras Cser October 22, 2021
In its quest to add to its Zero Trust edge (ZTE), also known as secure access service edge (SASE), portfolio, Forcepoint acquired cloud security gateway (CSG), also known as cloud access security broker (CASB), provider Bitglass for a Forrester-estimated $200-300 million last week. Beyond the usual criteria (ability to retain marketing and development talent of Bitglass), […]
Blog

Zero Trust Doesn’t Mean Zero Breaches

David Holmes June 29, 2021
We occasionally get asked this question: “Would Zero Trust have prevented [insert high-profile breach]?” The breach in question could be Equifax, SolarWinds, or the United States Office of Personnel Management. We haven’t been asked (yet) about the announcement from Microsoft this month, where they acknowledged that they were a target of, and indeed had an […]
Blog

DDoS Protection Vendors Introduce Welcome Pricing Innovations

David Holmes March 31, 2021
A few weeks back, in our DDoS Wave launch blog, we promised you a whole blog dedicated just to DDoS protection pricing innovations. Forrester recently published “The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021,” in which we evaluated the 11 most significant distributed denial-of-service (DDoS) vendors on the planet. During our research, we found some […]
Blog

Key Insights From The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021

David Holmes March 10, 2021
The summer before I joined Forrester, I volunteered briefly in the local prison library. The work was fulfilling, but it definitely had its prose and cons. Speaking of prose, you’re about to be treated to a lot of it, because we just published “The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021,” and there’s a whole […]
Blog

Take Security To The Zero Trust Edge

David Holmes February 16, 2021
Senior Analyst David Holmes introduces Forrester’s new model for security and networking services.
Video

Security And Productivity Don’t Have To Be At Odds

Andrew Hewitt August 5, 2020

Blog

Smackdown! Enterprise Monitoring Vs. TLS 1.3 And DNS-Over-HTTPS

David Holmes August 3, 2020
Technically, the male praying mantis mates for life. If you know anything about the mating habits of the female sex of that particular insect, you now also understand the limitations of the word “technically.” Similarly, technically, TLS 1.3 and DNS-over-HTTPS (DoH) are improvements upon previous technologies that are supposed to improve security. But in reality, […]
Blog

T-Mobile’s Object Lesson For The DDoS Initiate

David Holmes June 16, 2020
The T-Mobile DDoS Attack That Wasn’t Yesterday, the internet was atwitter with rumors of a massive distributed denial of service (DDoS) attack against major US carriers. You might have seen scary screenshots from one of the many so-called “pew-pew maps,” like this one: The U.S. is currently under a major DDoS attack. https://t.co/7pmLpWUzUp pic.twitter.com/W5giIA2Inc — […]
Blog

FW4: The Fourth Generation Of Firewalls

David Holmes April 23, 2020
The rapid work-from-home shift caused by the COVID-19 pandemic has accelerated the need for a new approach to firewalls. Senior Analyst David Holmes reviews the latest approach and provides insight into FW4.
Blog

Six Aspects To Palo Alto’s Acquisition Of CloudGenix

Andre Kindness April 15, 2020
On March 31, Palo Alto Networks announced the intent to acquire CloudGenix, a software-defined WAN appliance vendor. This was another announcement in a long list from the security and networking industries about merging together SDWAN and security. Such combinations are inevitable because: SDWAN adoption hasn’t matched the hype. Here is a dirty little secret: SDWAN […]
More posts