CISO Trends

The chief information security officer (CISO) role is growing in importance and remit. Discover the latest trends and analysis for CISOs and information security leaders.

Insights

Podcast

Will Web3 Live Up To Its Promise?

What It Means May 19, 2022
Web3 proponents have a grand vision of a fairer internet. But will it ever become reality? VP, Principal Analyst Martha Bennett examines both sides of this complex question.
Blog

Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost

Erik Nost May 11, 2022
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]

Blog

Build Better Bridges: Introducing Forrester’s BISO Role Profile

Jess Burn April 19, 2022
BISOs operate on behalf of the CISO, serving as an advisor to the business unit’s functional leaders. They also engage as a member of the business unit’s senior leadership team to understand, discuss, and advise on the intersection of strategic priorities and key IT and security risks.
Blog

Breaches By The Numbers: Adapting To Regional Challenges Is Imperative

Allie Mellen April 12, 2022
Nearly two-thirds of organizations were breached in the past year, and it cost them an average of $2.4 million per breach. Our recent survey results dive into these and other findings.
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog

European MSS Firms Are Letting Down Their Customers By Providing More “Pew-Pew Maps” And Noise Rather Than Remediation Support

Paul McKay March 28, 2022
We’ve all been on a site visit to a managed security services (MSS) provider’s security operations center (SOC), where your prospective MSS provider shows you yet another set of screens with big “pew-pew maps” with little dots and lines going haywire where it has seen cyberattacks. These maps are about as useful as an NFT: […]
Blog

You Say You Want A Revolution? Announcing Our Latest Security Awareness And Training Forrester Wave™

Jinan Budge March 16, 2022
The security awareness and training (SA&T) market has been stagnant for so long, with the last major disruption as far as I can tell being the introduction of phishing simulations about a decade or so ago. Since then, the industry seems to have seen a slow and steady evolution from ticking boxes to meet a […]

Blog

Here’s How To Update Your Risk Management Posture Given The War In Ukraine

Alla Valente February 28, 2022
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
Blog

The Emerging Cyber Risk Quantification Market: When CISOs Need Decisions, Not More Dashboards

Paul McKay January 31, 2022
Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]
Blog

S&R Forum 2021 Preview: What It Means To Go To Market On Trust

Jess Burn November 5, 2021
Forrester’s Security & Risk Forum is just days away, and I am really looking forward to it. The theme for this year’s event is “Grow Trust. Drive Business.” We chose this theme for good reason — we believe companies that earn and retain trust among customers, employees, and partners drive revenue-generating loyalty behaviors like retention […]
Blog

Forrester’s Security & Risk 2021 Preview: Secure What You Sell Goes Mainstream

Sandy Carielli November 4, 2021
Before I joined Forrester, my colleagues Jeff Pollard and Amy DeMartine initiated our product security research, leading to our first report on the topic, Secure What You Sell: CISOs Must Tackle Product Security To Protect Customers. In those bygone days of 2018 and 2019, we identified that: Forrester was the first to market with this […]
Blog

Put These Talks On Your S&R Forum Watchlist

Allie Mellen November 3, 2021
Next week, the Forrester security and risk (S&R) team will host the Forrester Security & Risk Forum on November 9 and 10. This will be the first time I have ever attended a Forrester event, let alone the Forrester Security & Risk Forum. And while I’m disappointed it isn’t in person this year, I’m also thrilled with […]

Podcast

A CISO’s Guide To Employee Empowerment

What It Means September 16, 2021
What’s the most important thing a security leader can do to empower their direct reports? Delegate. Learn how to do it effectively from VP, Principal Analyst Jeff Pollard in this week’s episode.
Blog

CISOs And The Trust Imperative

Jeff Pollard September 10, 2021
There is no executive role that better aligns with the trust imperative than the CISO. Find out why and how it may impact your organization directly.
Blog

Zero Trust For Healthcare Orgs Is Just What The Doctor Ordered

Christopher Sherman July 29, 2021
Healthcare data is low-hanging fruit for hackers. Learn how adopting a Zero Trust strategy can help keep your data safe.
Podcast

Causes And Cures For Toxic Culture In The Security Org

What It Means July 29, 2021
There’s a culture crisis in the IT security field that could be putting firms at risk. Learn about the causes and cures of a toxic security culture from Principal Analyst Jinan Budge in this episode of What It Means.
Blog

When It Comes To Incident Response, Is Your Cyber Insurance Carrier On Your Side?

Jess Burn June 30, 2021
You know, I really feel for security leaders and professionals. After a year of pandemic-related disruption and an uptick in ransomware and serious cyberattacks of all kinds — just as they’re firming up their policies and strategies to secure hybrid work for the foreseeable future — they get hit with an all-out assault of ransomware […]

Blog

Forrester’s List Of Ransomware Resources

Jeff Pollard June 24, 2021
With ransomware continuing as a high-impact problem (with seemingly no end in sight), we’ve put together some useful ransomware resources for security practitioners. Security and risk (S&R) pros can use these resources to help prevent, protect, detect, and respond to ransomware outbreaks. The links below are a mixture of Forrester’s own research and third-party links. […]
Blog

How To Leverage Innovation To Grow And Differentiate Your Business

Bernhard Schaffrik June 7, 2021
Learn how to leverage adaptive technology platforms to nurture innovation at your organization.
Blog

Stay Vigilant Of The 2021 Threat Landscape And Help Your Org Prepare For “The Next Normal”

Brian Kime March 16, 2021
Earlier this month, a US State Department spokeswoman announced that the US had identified three online publications that were attempting to discredit the Pfizer and Moderna vaccines, all of which were directed by Russian intelligence. In Forrester’s annual report on top security threats, we explore the top security threats that security professionals must monitor, including […]