Jeff Pollard

Technology leaders woke up this morning to find that a software update by cybersecurity vendor CrowdStrike had gone badly wrong. Get updates on the steps that your organization should take now and in the long term as a result of the CrowdStrike outage.

Cybersecurity breaches continued to rise in 2023. Learn the eight most common incident types and get four key takeaways from our new report.

Cloud detection and response is not a market category — it is a feature of existing cloud tools. Get a formal definition and more in this post previewing a new report.

RSAC gives security startups two structured opportunities to distinguish themselves, and Forrester always finds it revealing to see which startups make the cut.

Find out what Palo Alto Networks' acquisition of IBM’s QRadar business means for the broader security information and event management SIEM market.

More than 41,000 attendees, 600 exhibitors, and 425 sessions. Get some of the key themes and takeaways from the Forrester security & risk analysts who attended RSA Conference (RSAC) 2024.

Struggling to decide which security conferences to attend? To help you make an informed choice as conference season approaches, Forrester analyzed the content of eight leading security conferences from 2018 to 2023. Get a preview of that analysis here.

Microsoft announced the launch date of Copilot for Security. Find out what this means for security professionals and how you can prepare.

Changing tech, changing threats, and changing consequences. 2024 will be a busy year for security professionals. Get a preview of our top security recommendations for 2024 in this blog and then read our full report.

Learn the key takeaways and market impacts from the Biden administration’s executive order to protect Americans’ sensitive personal data.

A recent cybersecurity incident at Change Healthcare cause the pharmacy claims processors to take its systems offline. Learn the implication of this event and five things firms can do to prepare.

The new executive order calls for a “societywide effort” from government, the private sector, academia, and civil society to address eight AI priorities.

The SEC plans to haunt CISOs with cybersecurity enforcement, but there might be a silver lining for CISOs in the SEC complaint.

Should CISOs fend off Microsoft to keep their preferred products or embrace consolidation? Find out in this blog.

Learn some valuable lessons about insider risk management from the New York Knicks and the Toronto Raptors. Really.

Email security appliances have come a long way in the past 20 years. Learn the benefits of cloud-delivered email security.

Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]

While it might seem like generative AI is the only use case for AI around today, just a few years ago, deepfakes wore the mantle for attention and hype in the AI universe. That’s fallen off considerably today, but we will likely see a resurgence in interest based on attacks using deepfakes to scam and […]

On traditional infrastructure (laptops, servers, workstations, on-premises network infrastructure), the attack surface was the closest match to true perimeter-based defense we could get. The network infrastructure gave access to the systems within (crunchy outside; gooey, cubicle, khakis, and blue button-downs inside). As such, detection of attacker activity was relegated to network-based activity, endpoint-based activity, and […]