CISO Trends

The chief information security officer (CISO) role is growing in importance and remit. Discover the latest trends and analysis for CISOs and information security leaders.

Insights

Blog

Endpoint Management 2023: It’s Back To The Basics

Andrew Hewitt 23 hours ago
A few weeks ago, I had the opportunity to attend the Tanium Converge conference in Austin, Texas. There’s been a lot of buzz around Tanium in the industry lately, especially with the company’s recent partnership with Microsoft, its software bill of materials (SBOM) release, and continued marketing of a new term: converged endpoint management, or […]
Blog

Australians’ Laid-Back Reputation Hides The Truth About Our Ability To Trust

Jinan Budge October 30, 2022
People are hardwired to trust other people and, by extension, the organizations they engage with. As an organization, your success or failure at earning and keeping trust ultimately determines not only the fate of your relationship with customers, employees, and partners but the future prospects of the organization itself. But few business, political, or technical […]

Prepare Your Infrastructure For 2023 Change

Get our Predictions 2023 guide to explore the infrastructure shifts driving transformation and resiliency.

Blog

Apply Now For A Scholarship To Forrester’s Security And Risk Forum

Allie Mellen September 21, 2022
A few weeks ago, I spoke with Derek Johnson from SC Media about my experiences early on in the security industry – good and bad. While some of these moments were difficult, all of them were formative and helped me better understand the current state of the security community and industry. We are blessed with […]
Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

The Challenges With Securing The Anywhere-Work Endpoint

Paddy Harrington August 19, 2022
Learn how endpoint security has been impacted by the more to anywhere work and what steps security pros can take in this preview of the Security & Risk event.
Blog

Five Reasons To Buy A Service Before A Product

Jeff Pollard August 17, 2022
Learn why moving away from legacy thinking on products and services leads to far better outcomes.
Blog

Step Up Your Governance Game With Our Information Security Steering Committee Charter Template

Jess Burn August 1, 2022
We’ve said it many times: Security matters, and security leaders have more influence and access to boards and senior executives than ever. Thanks to external forces like ransomware attacks, evolving security and privacy legislation, and existential loss of cyber insurance dread, they get it at the top. But that doesn’t always translate into engagement or […]

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

Join us for a planning webinar to learn how you can budget and align your 2023 cybersecurity plans for what’s ahead.

Podcast

Will Web3 Live Up To Its Promise?

What It Means May 19, 2022
Web3 proponents have a grand vision of a fairer internet. But will it ever become reality? VP, Principal Analyst Martha Bennett examines both sides of this complex question.
Blog

Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost

Erik Nost May 11, 2022
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]
Blog

Build Better Bridges: Introducing Forrester’s BISO Role Profile

Jess Burn April 19, 2022
BISOs operate on behalf of the CISO, serving as an advisor to the business unit’s functional leaders. They also engage as a member of the business unit’s senior leadership team to understand, discuss, and advise on the intersection of strategic priorities and key IT and security risks.
Blog

Breaches By The Numbers: Adapting To Regional Challenges Is Imperative

Allie Mellen April 12, 2022
Nearly two-thirds of organizations were breached in the past year, and it cost them an average of $2.4 million per breach. Our recent survey results dive into these and other findings.
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.

Planning Guides 2023

Get planning and budgeting guidance for tech, CX, marketing, and other functions to help you make the right decisions in the year ahead.

Blog

European MSS Firms Are Letting Down Their Customers By Providing More “Pew-Pew Maps” And Noise Rather Than Remediation Support

Paul McKay March 28, 2022
We’ve all been on a site visit to a managed security services (MSS) provider’s security operations center (SOC), where your prospective MSS provider shows you yet another set of screens with big “pew-pew maps” with little dots and lines going haywire where it has seen cyberattacks. These maps are about as useful as an NFT: […]
Blog

You Say You Want A Revolution? Announcing Our Latest Security Awareness And Training Forrester Wave™

Jinan Budge March 16, 2022
The security awareness and training (SA&T) market has been stagnant for so long, with the last major disruption as far as I can tell being the introduction of phishing simulations about a decade or so ago. Since then, the industry seems to have seen a slow and steady evolution from ticking boxes to meet a […]
Blog

Here’s How To Update Your Risk Management Posture Given The War In Ukraine

Alla Valente February 28, 2022
Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.
Blog

The Emerging Cyber Risk Quantification Market: When CISOs Need Decisions, Not More Dashboards

Paul McKay January 31, 2022
Ask any CISO to articulate the ROI of their firm’s cybersecurity investment — or, worse yet — to defend an increase to the security budget, and you’re likely to get anything from a threat heat map to a 5×5 grid to a list of the latest threats with a flowchart of how the firm is […]
Blog

S&R Forum 2021 Preview: What It Means To Go To Market On Trust

Jess Burn November 5, 2021
Forrester’s Security & Risk Forum is just days away, and I am really looking forward to it. The theme for this year’s event is “Grow Trust. Drive Business.” We chose this theme for good reason — we believe companies that earn and retain trust among customers, employees, and partners drive revenue-generating loyalty behaviors like retention […]

2023 Planning Isn’t Business As Usual

Explore Forrester's 2023 planning guide for data-driven insights on where to invest, where to pull back, and where to stay the course.

Blog

Forrester’s Security & Risk 2021 Preview: Secure What You Sell Goes Mainstream

Sandy Carielli November 4, 2021
Before I joined Forrester, my colleagues Jeff Pollard and Amy DeMartine initiated our product security research, leading to our first report on the topic, Secure What You Sell: CISOs Must Tackle Product Security To Protect Customers. In those bygone days of 2018 and 2019, we identified that: Forrester was the first to market with this […]
Blog

Put These Talks On Your S&R Forum Watchlist

Allie Mellen November 3, 2021
Next week, the Forrester security and risk (S&R) team will host the Forrester Security & Risk Forum on November 9 and 10. This will be the first time I have ever attended a Forrester event, let alone the Forrester Security & Risk Forum. And while I’m disappointed it isn’t in person this year, I’m also thrilled with […]
Podcast

A CISO’s Guide To Employee Empowerment

What It Means September 16, 2021
What’s the most important thing a security leader can do to empower their direct reports? Delegate. Learn how to do it effectively from VP, Principal Analyst Jeff Pollard in this week’s episode.
More posts