CISO Trends

The chief information security officer (CISO) role is growing in importance and remit. Discover the latest trends and analysis for CISOs and information security leaders.

Insights

Blog

Ongoing Government Uncertainty Around Cybersecurity Initiatives Is Putting Your Business At Risk

Paddy Harrington 5 days ago
Government instability is undermining key cybersecurity programs like CyberSentry and MITRE’s CVE cataloging, putting critical infrastructure and business operations at risk. This post explores how funding cuts and conflicting AI directives are creating dangerous gaps in threat detection and response.
Blog

Black Hat 2025: Troop Forrester Goes To Hacker Summer Camp

James Plouffe August 13, 2025
2025 marks the 28th year of Black Hat, and although it remains on the edgier side of corporate-focused cybersecurity conferences, it sometimes feels like the event is considering completely ditching its hoodie in favor of a collared shirt.

Missed It Live? Unlock The Secrets To CIO & CISO Alignment

Watch this on-demand session to discover how leading CIOs and CISOs align on planning and investments to build resilient security frameworks.

Blog

Black Or Blue, Microsoft’s Quick Machine Recovery Might Be Able To Soften That Bruise

Paddy Harrington August 11, 2025
Windows 11’s new Quick Machine Recovery and kernel-space security changes mark a turning point in enterprise resilience. As Windows 10 nears retirement, these features offer IT leaders compelling reasons to upgrade beyond just compliance.
Blog

Announcing The Forrester Wave™: Privileged Identity Management Solutions, Q3 2025

Geoff Cairns August 7, 2025
Learn three important factors to consider when planning a privileged identity management (PIM) deployment or enhancement in this preview of our new report on the PIM solution market.
Blog

Introducing AEGIS — The Guardrails That CISOs Need For The Agentic Enterprise

Jeff Pollard August 4, 2025
AI agents aren’t coming — they’re already here. And they’re not waiting for your security architecture to catch up. Learn how Forrester's new AEGIS framework can help CISOs secure, govern, and manage AI agents and agentic infrastructure.
Blog

Palo Alto Networks Enters The Identity Security Market With $25B Purchase Of CyberArk

Allie Mellen July 31, 2025
The third-largest cybersecurity M&A deal in history makes sense in some respects, but the track record on mega security and identity tie-ups is incomplete and unproven.
Blog

Microsoft Retires Password Management In Authenticator

Andras Cser July 30, 2025
Microsoft’s move to gradually retire password management capabilities in its Authenticator application will have three immediate effects.
Blog

Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025

Erik Nost July 29, 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Podcast

Fear In B2B Buying, Future Of Experiences, Cisco Live Recap

What It Means July 10, 2025
In this episode of What It Means, we dig into fear as a motivator in the B2B buying process, the human-centric future of digital experiences, and what CISOs need to know coming out of Cisco Live.
Blog

Pause Innovation Now And Pay The Price Later: Why AI Readiness Can’t Wait

Stephanie Balaouras June 26, 2025
Even as volatility abounds, business and technology leaders must stay laser-focused on building a strong AI foundation. The first blog in our new quarterly Bold Stances series offers some guidance.
Blog

Key Takeaways From Cisco Live 2025: Cisco’s Big Bets For Unified Security And AI

Jitin Shabadu June 18, 2025
Cisco Live 2025 Focused On Three Main Themes: AI, Simplification, And Security At its annual Cisco Live event, the company delivered a clear message: It’s operationalizing AI across the core pillars of networking, security, and observability. Building on last year’s momentum with innovations like Hypershield and Splunk integration, the company has framed its vision around […]
Blog

You Don’t Need To Be Ethan Hunt To Break Into A Building

Paddy Harrington June 17, 2025
In today’s hyper-connected buildings, cybercriminals don’t need grappling hooks or disguises — just a vulnerable thermostat or door lock to breach your defenses and disrupt your operations.

New For 2026! Security Budget Planning Guide + Workbook

Prepare your 2026 security budget for critical risks. Get our budget planning guide and workbook to assess, prioritize, and implement investments for fortified security in uncertain times.

Blog

When You Can’t Change The Technology, Change Your Security Policies

Paddy Harrington June 11, 2025
When you can’t change the security of external technologies such as IoT, OT, or power infrastructure, you must adapt your internal cybersecurity policies and controls to mitigate the risks that they introduce.
Blog

Decoding The Naming Game: Why Standardizing Threat Actor Names Alone Won’t Enhance Your Security Posture Or Response

Jitin Shabadu June 6, 2025
Microsoft, CrowdStrike, Palo Alto Networks, and Mandiant recently announced a new initiative to create an aggregate and standardized glossary of threat actors. Learn the benefits and limitations of standardizing threat actor names.
Blog

Announcing The Forrester Wave™: Email, Messaging, And Collaboration Security Solutions, Q2 2025

Jess Burn June 3, 2025
The Forrester Wave™: Email, Messaging, And Collaboration Security Solutions, Q2 2025, is live — and it looks a bit different from its predecessor in 2023.
Blog

Sudo Coming To Windows? Pretty Much, Yeah

Paddy Harrington May 29, 2025
Windows 11 introduces a new security feature that separates admin and user roles, bringing a sudolike experience to the desktop.
Podcast

New AI Lessons In Coding, Marketing, And Product Design

What It Means May 29, 2025
In this episode, we look at how to avoid the risks of AI-enabled tools in three common business use cases: coding, marketing, and product design. The key takeaway from all three areas: There’s still a strong need to have a human in the loop to review your AI outputs.

Master Your 2026 Budget With Our Ultimate Guides And Tools

Plan smarter to thrive in 2026! Access planning guides, workbooks, webinars, and resources to invest wisely, cut costs, and maximize your budget impact — even in uncertain times.

Blog

RSAC 2025 Conference: An International Lens

Paul McKay May 19, 2025
A significant international presence at RSAC 2025 signaled the continued importance of the US as a global export platform for cybersecurity. Countries including Belgium, Canada, Germany, Ireland, Italy, the Netherlands, Saudi Arabia, Singapore, South Korea, Spain, and the UK showcased national pavilions and cybersecurity companies on the show floor, as well as organizing trade missions […]
Blog

It’s Time To Start Planning Your Postquantum Migration

Sandy Carielli May 12, 2025
When will quantum computers will be able to break asymmetric cryptography and algorithms? And what steps should you take to prepare? Find out in this preview of a report on quantum security.
Blog

Overregulation Forges A CISO Coalition With The G7 Letter

Madelein van der Hout April 24, 2025
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
More posts