Heidi Shey
Principal Analyst

Author Insights
Blog
Get A Head Start On The National Cybersecurity Strategy
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog
We Need To Talk More About Burnout In Cybersecurity
Forrester predicted that in 2023, a Global 500 firm will be exposed for burning out its cybersecurity employees. In 2022, we saw at a very practical level in Australia that weaknesses in our cyberdefenses can impact society at mass levels. Impacts of breaches at Optus, Medibank, EnergyAustralia, and MyDeal include fines, exposure of millions of […]
Blog
Deciphering Apple’s Recently Announced Data Protection Features
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
Blog
Predictions 2023: Security Pros Face Greater Internal Risks
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
Blog
It’s More Than Just Emojis: Secure Your Communications
What’s within an employee chat? More than emojis. Employee communications via chat, voice calls, and videoconferencing can include customers’ personal information, insights about business operations, or other highly sensitive material. Consumer apps aren’t suited for such purposes. They lack enterprise controls for management and compliance, have privacy policies and terms of use that can change […]
Blog
Redefining Data Security For The Modern Age
Learn how to redefine data security in an age of multicloud, anywhere work, edge computing, and changing privacy regulations.
Blog
Who’s Responsible For Cyber Insurance Policy Misrepresentations? It Depends.
On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient […]
Blog
NIST PQ: “Lattice” Pick A Winner
Last week, we wondered if early reports indicating that NIST would announce the winners of its post-quantum cryptography competition would come to fruition anytime soon. Happily, they have. After an evaluation process that began with a call for nominations in 2016 and culled dozens of potential post-quantum (PQ) cryptographic algorithms down to seven finalists and […]
Blog
The Interminable Wait: The NIST Post-Quantum Competition
While we wait to learn the winners, here's a bit of history.
Blog
Practice Empathy To Reduce Insider Risk
Companies announcing layoffs need to pay attention to insider risk. Showing compassion and communicating openly can help.
Blog
Cyber Insurance: What The Changing Power Dynamics Mean For You
Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]
Blog
So aktualisieren Sie Ihr Risikomanagement angesichts des Krieges in der Ukraine
Führende Risikomanagementunternehmen in Europa und weltweit sind bereits vom Krieg in der Ukraine und den gegen russische und weißrussische Akteure verhängten Sanktionen betroffen. Forrester-Analysten geben in diesem Beitrag ihre Einschätzung.
Blog
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Blog
Mit diesen Schritten können Sie sich auf die Auswirkungen des Krieges in der Ukraine auf die Cybersicherheit vorbereiten und entsprechend handeln
11 Schritte, die Sie jetzt tun können, um Ihre Risiken und die Gefährdung durch Cyber-Bedrohungen im Zusammenhang mit dem Krieg zu verringern.
Blog
Comment Mettre À Jour Votre Stratégie De Gestion Des Risques Face À La Guerre En Ukraine
Les leaders de la gestion des risques en Europe et dans le monde sont déjà impactés par la guerre en Ukraine et les sanctions imposées aux acteurs russes et biélorusses. Les analystes de Forrester fournissent leurs conseils dans cet article.
Blog
Mesures Pour Vous Préparer Et Gérer Les Effets Sur La Cybersécurité De La Guerre En Ukraine
Onze choses que vous pouvez faire maintenant pour réduire vos risques et votre exposition aux cybermenaces liées à la guerre.
Blog
Okta Lapsus$ Compromise: How To Make Sure You’re Protected
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog
Fix The Vulnerability Within: Break Gender Bias In Cybersecurity
Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]
Blog
Navigate China’s New Data And AI Regulations
Firms often struggle to identify the appropriate security controls and practices to comply with fast-changing data regulations. Here are three practices firms should adapt to keep pace.
Blog
Here’s How To Update Your Risk Management Posture Given The War In Ukraine
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
More posts