Joseph Blankenship

One of Forrester’s best practices for managing insider risk is to turn your employees into advocates for the program. Get five tips for how to do that in this preview of our upcoming Security & Risk event in November.

Learn some valuable lessons about insider risk management from the New York Knicks and the Toronto Raptors. Really.

Email security appliances have come a long way in the past 20 years. Learn the benefits of cloud-delivered email security.

Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]

In June, Forrester announced our inaugural Security & Risk Enterprise Leadership Award. Today, we’re extending the deadline for submissions to September 12 to give applicants time to finish their much-needed summer vacations and complete the application process. The Security & Risk Enterprise Leadership Award will recognize organizations — and their leaders — that have transformed the […]

Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]

Forrester is thrilled to announce its inaugural Security & Risk Enterprise Leadership Award, which will recognize security organizations that have transformed the security, privacy, and risk management functions to fuel long-term success. Learn how to apply here.

This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

It’s December, the year is almost over, and most of us will be taking the next week off, so what better way to wrap up 2022 than with a review of some of our favorite security and risk (S&R) reports from this year? I teamed up with Senior Research Associate Alexis Tatro to highlight her […]

Learn how to reduce the three most common types of insider threats in this Security & Risk event preview.

Companies announcing layoffs need to pay attention to insider risk. Showing compassion and communicating openly can help.

For security leaders, Olympics-related security attacks are a reason to remind your users about potential threats and the latest security procedures.

It’s safe to say, with phishing appearing perennially at the top of the attack vector list and business email compromise (BEC) causing $1.8 billion in losses to US businesses in 2020 alone, that email security is going to have a “what’s old is new again” moment as we move into 2022. While email security technology has been […]

Attackers continue to abuse trust in unique and creative ways. Have you talked with your partners about security yet? Get three tips on how to do that effectively.

We occasionally get asked this question: “Would Zero Trust have prevented [insert high-profile breach]?” The breach in question could be Equifax, SolarWinds, or the United States Office of Personnel Management. We haven’t been asked (yet) about the announcement from Microsoft this month, where they acknowledged that they were a target of, and indeed had an […]

Revenge Of The SaaS: Mandiant Dumps FEYE In a cybersecurity divorce that had fewer leading indicators than the dissolution of Kim and Kanye, Mandiant has finally untangled itself from FireEye (FEYE) by selling the product portion of the firm to Symphony Technology Group (STG) for $1.2 billion. FireEye’s history as the most “almost acquired vendor” […]

We warn users not to click on suspicious emails and not to open emails from untrusted senders to prevent users from being phished. Sender identity is one of the filtering mechanisms in email security solutions. But what happens when a trusted sender’s email account is compromised and an attacker uses that access to send emails […]

We kept our research associate Alexis pretty busy during the first three months of the year, and she procrastinated getting her annual car inspection in Massachusetts done. When she showed up to get her car inspected early last week (the day before her inspection sticker expired), the service center couldn’t do the inspection. She was […]

We all need a bit of whimsy in our lives. This is not just an excuse for a whimsical blog post, though there is that. Whimsy and laughter build bridges. And in the security world, where empathy is a critical resource, whimsy can be a first and recurring step in connecting with the teams outside […]