Jess Burn

Senior Analyst

Forrester Bio

Author Insights

Blog

Acknowledging Our Love-Hate Relationship With Security Certifications

Jess Burn November 2, 2022
Security certifications don’t make you a better practitioner, they make you a better candidate. Experience and continued training and upskilling takes over from there. How do we reconcile this?
Blog

CISA Releases Directives On Asset Discovery And Vulnerability Enumeration

Erik Nost October 4, 2022
The Cybersecurity & Infrastructure Security Agency (CISA) kicked off Cybersecurity Awareness Month with a bang yesterday, with its latest binding operational directive that requires federal agencies to account for a complete inventory of assets and vulnerabilities. In past CISA coverage, we recommended that organizations doing business with the federal government, looking to maintain good cyber […]
Blog

Cyber Grant Program Is Welcome News For Small Governments

Erik Nost September 21, 2022
Local governments have become frequent targets of cyber attacks, and funding and planning for preventing for more attacks have been left largely to the local level. A new initiative is changing that.
Blog

Apple’s BIMI Support = Time To Get Serious About DMARC Enforcement

Jess Burn September 19, 2022
Learn how Apple's latest announcement will make inboxes safer and what's required to reach DMARC enforcement.
Blog

It’s Not You, It’s Them: Build A Resilient Cybersecurity Career

Jeff Pollard September 12, 2022
Preparing for the worst means putting loyalty aside to build a plan with your goals and growth at the center. Learn how to get started.
Blog

DuckDuckGo’s Email Protection: Another Strike Against The Surveillance Economy

Jess Burn August 31, 2022
Fresh off a yearlong beta test, DuckDuckGo moved its email protection service into an open beta. The service works across iOS and Android; browser extensions for Edge, Chrome, Firefox, and Brave; and DuckDuckGo for Mac. The service blocks trackers in emails, reducing the amount and type of data emails can send to third parties (like […]
Blog

The Do’s And Don’ts Of Cybersecurity Interview Question Design

Jinan Budge August 8, 2022
To hire successful candidates, you need to learn about more than just their tech skills. These tips can help you know what to look for — and what pitfalls to avoid.
Blog

Step Up Your Governance Game With Our Information Security Steering Committee Charter Template

Jess Burn August 1, 2022
We’ve said it many times: Security matters, and security leaders have more influence and access to boards and senior executives than ever. Thanks to external forces like ransomware attacks, evolving security and privacy legislation, and existential loss of cyber insurance dread, they get it at the top. But that doesn’t always translate into engagement or […]
Blog

Who’s Responsible For Cyber Insurance Policy Misrepresentations? It Depends.

Alla Valente July 14, 2022
On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient […]
Blog

The Reaper Comes For Cyber Unicorns

Jeff Pollard June 13, 2022
While the economic downturn is in its early stages, it looks as though the hypergrowth phase of the cybersecurity vendor party has reached an abrupt end.
Blog

The ASM Landscape Is Shifting Under Our Feet — As Are The Acronyms

Jess Burn June 2, 2022
Since publishing my first report on attack surface management (ASM), Find And Cover Your Assets With Attack Surface Management (one of my favorite titles to date), the market has taken off in a number of different directions and developed several flavors — and acronyms. Forrester defines ASM overall as follows: The process of continuously discovering, […]
Blog

Microsoft Launches MDR And Hops On The Everything-As-A-Service Bandwagon

Jeff Pollard May 10, 2022
Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.
Blog

Build Better Bridges: Introducing Forrester’s BISO Role Profile

Jess Burn April 19, 2022
BISOs operate on behalf of the CISO, serving as an advisor to the business unit’s functional leaders. They also engage as a member of the business unit’s senior leadership team to understand, discuss, and advise on the intersection of strategic priorities and key IT and security risks.
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog

The Return Of The Forrester Wave™: Cybersecurity Incident Response Services

Jess Burn April 4, 2022
The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 is now live! This is the first evaluation of cybersecurity incident response service (CIRS) providers we’ve published since March of 2019. Remember 2019? Ah, those halcyon pre-pandemic days … back when most of us were traveling freely, meeting in person, blissfully unfamiliar with the challenges of […]
Blog

So aktualisieren Sie Ihr Risikomanagement angesichts des Krieges in der Ukraine

Alla Valente 30 März 2022
Führende Risikomanagementunternehmen in Europa und weltweit sind bereits vom Krieg in der Ukraine und den gegen russische und weißrussische Akteure verhängten Sanktionen betroffen. Forrester-Analysten geben in diesem Beitrag ihre Einschätzung.
Blog

Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne

Paul McKay March 29, 2022
Neem de volgende stappen om u goed voor te bereiden op het cyberveiligheidseffect van de oorlog in Oekraïne
Blog

Mit diesen Schritten können Sie sich auf die Auswirkungen des Krieges in der Ukraine auf die Cybersicherheit vorbereiten und entsprechend handeln

Paul McKay 29 März 2022
11 Schritte, die Sie jetzt tun können, um Ihre Risiken und die Gefährdung durch Cyber-Bedrohungen im Zusammenhang mit dem Krieg zu verringern.
Blog

Comment Mettre À Jour Votre Stratégie De Gestion Des Risques Face À La Guerre En Ukraine

Alla Valente 28 Mars 2022
Les leaders de la gestion des risques en Europe et dans le monde sont déjà impactés par la guerre en Ukraine et les sanctions imposées aux acteurs russes et biélorusses. Les analystes de Forrester fournissent leurs conseils dans cet article.
Blog

Mesures Pour Vous Préparer Et Gérer Les Effets Sur La Cybersécurité De La Guerre En Ukraine

Paul McKay 28 Mars 2022
Onze choses que vous pouvez faire maintenant pour réduire vos risques et votre exposition aux cybermenaces liées à la guerre.
More posts