Heidi Shey

Principal Analyst

Forrester Bio

Author Insights

Blog

Five Things You Should Know About Burnout In Cybersecurity But Probably Don’t

Jinan Budge 7 days ago
The cybersecurity industry continues to focus almost exclusively on technology at the expense of dealing with the heart of cyberdefenses: the people. Yet the stress of expectations, limited resources, and detriments to well-being continues to cause havoc with the mental and physical health, productivity, and retention of the cybersecurity workforce.
Blog

GenAI: GRC Enters Accelerator Era, And Not A Minute Too Soon!

Alla Valente April 2, 2024
Generative AI offers an opportunity for risk management to reinvent itself from the department of “no” to the discipline of “go.” Find out how in this blog post.
Blog

You Got Your Carbon Black In My Symantec! No, You Got Your Symantec In My Carbon Black!

Paddy Harrington March 13, 2024
What is Broadcom planning to do with VMware’s Carbon Black unit? Find out in this blog covering the plan to integrate Carbon Black with Broadcom's existing product lineup.
Blog

Breaking Down The US Executive Order To Protect Americans’ Sensitive Personal Data

Stephanie Liu February 29, 2024
Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.
Blog

What To Know: A Retrospective Of 2023’s Top Breaches And Fines

Sandy Carielli February 28, 2024
After a retrospective review of the largest publicly reported breaches and privacy violations in 2023, here's what you need to know for 2024.
Blog

Prescription For Change: Cybersecurity Outage Highlights Critical Vulnerabilities In Healthcare

Jeff Pollard February 23, 2024
A recent cybersecurity incident at Change Healthcare cause the pharmacy claims processors to take its systems offline. Learn the implication of this event and five things firms can do to prepare.
Blog

Make Cyber Insurance Work For You

Heidi Shey September 11, 2023
Learn why cyber insurance is a major opportunity in this preview of our upcoming Security & Risk Forum.
Blog

Prevent Data Turnovers With Insider Risk Management

Joseph Blankenship August 28, 2023
Learn some valuable lessons about insider risk management from the New York Knicks and the Toronto Raptors. Really.
Blog

The State Of Data Security, 2023

Heidi Shey August 28, 2023
Learn some of the key data security trends of the year including the causes of breaches, types of data being compromised, and post-breach effects and impact.
Blog

The State Of Cyber Insurance, 2023

Heidi Shey August 24, 2023
Cyber insurance is a common tool for risk transfer today. It’s also a key driver for cybersecurity program investment today. But who has cyber insurance and what benefits do organizations see from it? Analyzing Forrester data on cyber insurance adoption and breach response trends, we find that: Most organizations do not have standalone cyber insurance […]
Blog

Rubrik Acquires Laminar: Data Resilience And Security Join Forces

Heidi Shey August 22, 2023
As security threats increase, data protection and security practices continue to merge. Data resilience firm Rubrik recently announced its acquisition of Laminar, a data security posture management (DSPM) vendor. Together, they aim to enable consistent and unified data security posture visibility that spans on-premises and cloud-based environments. Modern Data Resilience Is Increasingly A Cybersecurity Issue […]
Blog

Post-Quantum Security: Have You Started Your Journey?

Heidi Shey August 11, 2023
The European Policy Centre recently published a quantum cybersecurity agenda for Europe in July 2023. This is yet another example of raising awareness and issuing calls to action for post-quantum security preparations. This follows the World Economic Forum and Deloitte issuing a perspective on transitioning to a quantum-secure economy in 2022. Also in late 2022, […]
Blog

Reap The Rewards Of Empathy, The Emotional Buoy Of Trust

Allie Mellen August 9, 2023
This week, we are thrilled to release new research: Build Trust And Lasting Emotional Bonds With Empathy. This report delves into empathy, one of the most critical of the seven levers of trust defined in the trust imperative.   Forrester defines empathy as: The perception that an organization is emotionally connected to its customers, employees, […]
Blog

Thales To Acquire Imperva: Building This Dream House Won’t Be Easy

Heidi Shey July 25, 2023
Thales announced its agreement to acquire Imperva from private equity firm Thoma Bravo for $3.6 billion, expecting to add $500 million of revenue and expand its data and application security offerings as a result. The overall cybersecurity portfolio will then be structured across three key areas: identity (Thales), data security (Thales and Imperva), and application […]
Blog

Unpacking DLP: The Concept Versus The Control

Heidi Shey July 18, 2023
Data loss prevention (DLP) strategy and approach is an evergreen topic in the ongoing guidance sessions I have with clients, where I hear: 1) We must have this, we already have it, and we are not happy with what we currently have; 2) We have this, and we don’t want it anymore; or 3) We […]
Blog

Insights From The 2023 RSA Conference: Generative AI, Quantum, And Innovation Sandbox

Allie Mellen May 2, 2023
There's growing hype around generative AI in the security world, some of it warranted, some of it not so much. Learn more by reading the Forrester security and risk team’s key perspectives from RSAC 2023.
Blog

What I’m Looking For At RSA Conference 2023

Heidi Shey March 31, 2023
The countdown begins! I’ve confirmed the last 1:1 meeting spot on my calendar. The Forrester team is preparing for a panel discussion and topic tables at our client meet-and-greet event. I’m glad that track sessions and keynotes will also be available on demand. I aim to attend a few in person, but I know I’ll […]
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

We Need To Talk More About Burnout In Cybersecurity

Jinan Budge February 14, 2023
Forrester predicted that in 2023, a Global 500 firm will be exposed for burning out its cybersecurity employees. In 2022, we saw at a very practical level in Australia that weaknesses in our cyberdefenses can impact society at mass levels. Impacts of breaches at Optus, Medibank, EnergyAustralia, and MyDeal include fines, exposure of millions of […]
Blog

Deciphering Apple’s Recently Announced Data Protection Features

Geoff Cairns December 21, 2022
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
More posts