Heidi Shey

Principal Analyst

Author Insights

Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

We Need To Talk More About Burnout In Cybersecurity

Jinan Budge February 14, 2023
Forrester predicted that in 2023, a Global 500 firm will be exposed for burning out its cybersecurity employees. In 2022, we saw at a very practical level in Australia that weaknesses in our cyberdefenses can impact society at mass levels. Impacts of breaches at Optus, Medibank, EnergyAustralia, and MyDeal include fines, exposure of millions of […]
Blog

Deciphering Apple’s Recently Announced Data Protection Features

Geoff Cairns December 21, 2022
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
Blog

Predictions 2023: Security Pros Face Greater Internal Risks

Heidi Shey October 31, 2022
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
Blog

It’s More Than Just Emojis: Secure Your Communications

Heidi Shey September 2, 2022
What’s within an employee chat? More than emojis. Employee communications via chat, voice calls, and videoconferencing can include customers’ personal information, insights about business operations, or other highly sensitive material. Consumer apps aren’t suited for such purposes. They lack enterprise controls for management and compliance, have privacy policies and terms of use that can change […]
Blog

Redefining Data Security For The Modern Age

Heidi Shey August 30, 2022
Learn how to redefine data security in an age of multicloud, anywhere work, edge computing, and changing privacy regulations.
Blog

Who’s Responsible For Cyber Insurance Policy Misrepresentations? It Depends.

Alla Valente July 14, 2022
On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient […]
Blog

NIST PQ: “Lattice” Pick A Winner

Sandy Carielli July 7, 2022
Last week, we wondered if early reports indicating that NIST would announce the winners of its post-quantum cryptography competition would come to fruition anytime soon. Happily, they have. After an evaluation process that began with a call for nominations in 2016 and culled dozens of potential post-quantum (PQ) cryptographic algorithms down to seven finalists and […]
Blog

The Interminable Wait: The NIST Post-Quantum Competition

Sandy Carielli June 29, 2022
While we wait to learn the winners, here's a bit of history.
Blog

Practice Empathy To Reduce Insider Risk

Joseph Blankenship June 15, 2022
Companies announcing layoffs need to pay attention to insider risk. Showing compassion and communicating openly can help.
Blog

Cyber Insurance: What The Changing Power Dynamics Mean For You

Heidi Shey April 8, 2022
Cyber insurance is only one component of a bigger enterprise cybersecurity risk management program. However, the cyber insurance market has been on a roller coaster, with skyrocketing premiums, changes in coverage, and a demand for policies that outweighs available supply. After years of affordable and readily available policies, the ubiquity of cyber insurance combined with […]
Blog

So aktualisieren Sie Ihr Risikomanagement angesichts des Krieges in der Ukraine

Alla Valente 30 März 2022
Führende Risikomanagementunternehmen in Europa und weltweit sind bereits vom Krieg in der Ukraine und den gegen russische und weißrussische Akteure verhängten Sanktionen betroffen. Forrester-Analysten geben in diesem Beitrag ihre Einschätzung.
Blog

Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne

Paul McKay March 29, 2022
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Blog

Mit diesen Schritten können Sie sich auf die Auswirkungen des Krieges in der Ukraine auf die Cybersicherheit vorbereiten und entsprechend handeln

Paul McKay 29 März 2022
11 Schritte, die Sie jetzt tun können, um Ihre Risiken und die Gefährdung durch Cyber-Bedrohungen im Zusammenhang mit dem Krieg zu verringern.
Blog

Comment Mettre À Jour Votre Stratégie De Gestion Des Risques Face À La Guerre En Ukraine

Alla Valente 28 Mars 2022
Les leaders de la gestion des risques en Europe et dans le monde sont déjà impactés par la guerre en Ukraine et les sanctions imposées aux acteurs russes et biélorusses. Les analystes de Forrester fournissent leurs conseils dans cet article.
Blog

Mesures Pour Vous Préparer Et Gérer Les Effets Sur La Cybersécurité De La Guerre En Ukraine

Paul McKay 28 Mars 2022
Onze choses que vous pouvez faire maintenant pour réduire vos risques et votre exposition aux cybermenaces liées à la guerre.
Blog

Okta Lapsus$ Compromise: How To Make Sure You’re Protected

Merritt Maxim March 24, 2022
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog

Fix The Vulnerability Within: Break Gender Bias In Cybersecurity

Jinan Budge March 7, 2022
Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]
Blog

Navigate China’s New Data And AI Regulations

Guannan Lu March 3, 2022
Firms often struggle to identify the appropriate security controls and practices to comply with fast-changing data regulations. Here are three practices firms should adapt to keep pace.
Blog

Here’s How To Update Your Risk Management Posture Given The War In Ukraine

Alla Valente February 28, 2022
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
More posts