CISO Trends
The chief information security officer (CISO) role is growing in importance and remit. Discover the latest trends and analysis for CISOs and information security leaders.
Insights
Blog
Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog
Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.
Missed It Live? Unlock The Secrets To CIO & CISO Alignment
Watch this on-demand session to discover how leading CIOs and CISOs align on planning and investments to build resilient security frameworks.
Blog
Black Or Blue, Microsoft’s Quick Machine Recovery Might Be Able To Soften That Bruise
Windows 11’s new Quick Machine Recovery and kernel-space security changes mark a turning point in enterprise resilience. As Windows 10 nears retirement, these features offer IT leaders compelling reasons to upgrade beyond just compliance.
Blog
Announcing The Forrester Wave™: Privileged Identity Management Solutions, Q3 2025
Learn three important factors to consider when planning a privileged identity management (PIM) deployment or enhancement in this preview of our new report on the PIM solution market.
Blog
Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
Blog
Palo Alto Networks Enters The Identity Security Market With $25B Purchase Of CyberArk
The third-largest cybersecurity M&A deal in history makes sense in some respects, but the track record on mega security and identity tie-ups is incomplete and unproven.
Blog
Microsoft Retires Password Management In Authenticator
Microsoft’s move to gradually retire password management capabilities in its Authenticator application will have three immediate effects.
Blog
Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Podcast
Fear In B2B Buying, Future Of Experiences, Cisco Live Recap
In this episode of What It Means, we dig into fear as a motivator in the B2B buying process, the human-centric future of digital experiences, and what CISOs need to know coming out of Cisco Live.
Blog
Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog
Key Takeaways From Cisco Live 2025: Cisco’s Big Bets For Unified Security And AI
Cisco Live 2025 Focused On Three Main Themes: AI, Simplification, And Security At its annual Cisco Live event, the company delivered a clear message: It’s operationalizing AI across the core pillars of networking, security, and observability. Building on last year’s momentum with innovations like Hypershield and Splunk integration, the company has framed its vision around […]
Blog
You Don’t Need To Be Ethan Hunt To Break Into A Building
In today’s hyper-connected buildings, cybercriminals don’t need grappling hooks or disguises — just a vulnerable thermostat or door lock to breach your defenses and disrupt your operations.
New For 2026! Security Budget Planning Guide + Workbook
Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.
Blog
When You Can’t Change The Technology, Change Your Security Policies
When you can’t change the security of external technologies such as IoT, OT, or power infrastructure, you must adapt your internal cybersecurity policies and controls to mitigate the risks that they introduce.
Blog
Decoding The Naming Game: Why Standardizing Threat Actor Names Alone Won’t Enhance Your Security Posture Or Response
Microsoft, CrowdStrike, Palo Alto Networks, and Mandiant recently announced a new initiative to create an aggregate and standardized glossary of threat actors. Learn the benefits and limitations of standardizing threat actor names.
Blog
Announcing The Forrester Wave™: Email, Messaging, And Collaboration Security Solutions, Q2 2025
The Forrester Wave™: Email, Messaging, And Collaboration Security Solutions, Q2 2025, is live — and it looks a bit different from its predecessor in 2023.
Blog
Sudo Coming To Windows? Pretty Much, Yeah
Windows 11 introduces a new security feature that separates admin and user roles, bringing a sudolike experience to the desktop.
Podcast
New AI Lessons In Coding, Marketing, And Product Design
In this episode, we look at how to avoid the risks of AI-enabled tools in three common business use cases: coding, marketing, and product design. The key takeaway from all three areas: There’s still a strong need to have a human in the loop to review your AI outputs.
Master Your 2026 Budget With Our Ultimate Guides And Tools
Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.
Blog
RSAC 2025 Conference: An International Lens
A significant international presence at RSAC 2025 signaled the continued importance of the US as a global export platform for cybersecurity. Countries including Belgium, Canada, Germany, Ireland, Italy, the Netherlands, Saudi Arabia, Singapore, South Korea, Spain, and the UK showcased national pavilions and cybersecurity companies on the show floor, as well as organizing trade missions […]
Blog
It’s Time To Start Planning Your Postquantum Migration
When will quantum computers will be able to break asymmetric cryptography and algorithms? And what steps should you take to prepare? Find out in this preview of a report on quantum security.
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
More posts