CISO Trends

The chief information security officer (CISO) role is growing in importance and remit. Discover the latest trends and analysis for CISOs and information security leaders.

Insights

Webinar

Ransomware Defense For Constrained State And Local Budgets

Explore the state of ransomware vulnerability for state and local governments — and how you can protect your agency with limited resources.
Blog

Harnessing CISO Collective Power

David Levine May 2, 2023
Lone Wolf Or Wolf Pack? Perspectives From A Former CISO/CSO One of the most valuable, important, and rewarding things I did during my tenure as a CISO/CSO was becoming involved in the CISO community. There are plenty of leaders who choose to go down the CISO path primarily on their own, and perhaps for some, […]

Unlock The Secret To 2023 Tech Success

Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.

Blog

The US Government Is Here And Really Wants To Help Protect You From Ransomware

Brian Wrozek March 27, 2023
Ransomware Vulnerability Warnings Are Coming To A Critical Infrastructure Near You The US Cybersecurity and Infrastructure Security Agency (CISA) launched the Ransomware Vulnerability Warning Pilot (RVWP) in January 2023 in response to ongoing concerns about the threat of ransomware. This is the CISA’s ransomware-centric take on external attack surface management for critical infrastructure. The RVWP pilot […]
Blog

The Pay Gap Isn’t The Only Problem For Women In CISO Roles

Jeff Pollard March 8, 2023
Last week, we published Forrester’s third CISO Career Paths report. This research involved an analysis of the career paths of Fortune 500 CISOs, looking into their education, tenures, and prior experiences of security leaders at some of the world’s largest companies. This data showcases existing trends and helps forecast what CISO roles will look like […]
Blog

Five Reasons Why CISOs Should Report To CEOs

Jeff Pollard February 21, 2023
Cybersecurity problems won’t disappear, but CISOs who are elevated in the organization run better cybersecurity programs.
Blog

Align Around Your Customers To Power Growth In Today’s Economic Climate

Sharyn Leaver February 21, 2023
Outdated, short-term growth strategies that focus on extracting value from customers will fail. To succeed, companies must build, run, and continually optimize a customer-obsessed growth engine.
Blog

Great Technology Organizations Have Great Security Organizations

Sandy Carielli February 17, 2023
Forrester has been researching future fit organizations for the past few years, those organizations that have evolved their technology strategy to enable their firm’s customer-obsessed business strategy. Tech organizations fall into three tech strategy buckets: Traditional tech orgs are driven by cost, act as order-takers, and typically follow waterfall methodologies; modern tech orgs evolve to […]
Blog

Vehicle Security: Making Sure K.I.T.T. Doesn’t Become K.A.R.R.

Paddy Harrington February 2, 2023
We ended 2022 with the announcement of a vulnerability within SiriusXM Connected Vehicle Services, which has a broad impact because of the ubiquity of these units. In 2023 the vehicle-related software vulnerabilities just keep on coming, this time within API endpoints used by vehicles’ telematics systems, an issue with a wide impact across 16 different […]
Blog

How CISOs Can Navigate The 2023 Downturn

Jess Burn January 30, 2023
CISOs must use this period of austerity to reinforce security as a core competency that drives growth and protects revenue.
Blog

Five Proven Ways That DEX Tools Can Save You Money In 2023

Andrew Hewitt January 25, 2023
Will Companies Cut Back On DEX In 2023? Not The Smart Ones. Customers often ask whether companies will invest less in digital employee experience (DEX) in 2023 given the economic pressure. A few assumptions drive the question: DEX is not as high of a priority as other areas, such as customer experience. Companies only invest […]
Blog

External Attack Surface Management Finds Assets That Your Org Can’t See

Erik Nost January 18, 2023
The External Attack Surface Management Landscape, Q1 2023 is now available! Forrester clients can view the report to dive deeper into the benefits of EASM and key functionalities to assess when selecting an EASM vendor. As Jess Burn and I finalized this report, we couldn’t help but think that organizations that are blind to what’s […]
Blog

The Many Resources (And Acronyms) You Must Know To Prioritize Vulnerability Remediations

Erik Nost January 9, 2023
Building a robust vulnerability risk strategy takes input from multiple resources. More importantly, it requires input on factors specific to your company.
Blog

Leadership: Don’t Make It Harder Than It Is — Perspectives From A Former CISO/CSO

David Levine January 9, 2023
I’m kicking off my blog series, “Perspectives From A Former CISO,” with my thoughts on leadership. The series will pull from my experiences as a CISO and those of my peers. To be clear, I don’t purport to have the all the answers but did learn a thing to two during my tenure leading teams […]
Blog

My 2022 Airing Of Grievances And Feats Of Strength

Jinan Budge December 26, 2022
In the spirit of Festivus, I’m airing my grievances and demonstrating my feats of strength. I don’t know about you, but I didn’t enter 2022 with a full tank. I started the year by joining the hordes of people revenge-travelling/shopping/connecting/renovating (I know!). It’s no wonder I feel utterly exhausted. It’s also no wonder that I […]
Blog

Meet The New EMEA Cybersecurity Analyst

Tope Olufon December 5, 2022
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Blog

Endpoint Management 2023: It’s Back To The Basics

Andrew Hewitt November 29, 2022
Tanium's Converge conference reveals how customers are tackling the most persistent challenges in endpoint management today.
Blog

Australians’ Laid-Back Reputation Hides The Truth About Our Ability To Trust

Jinan Budge October 30, 2022
People are hardwired to trust other people and, by extension, the organizations they engage with. As an organization, your success or failure at earning and keeping trust ultimately determines not only the fate of your relationship with customers, employees, and partners but the future prospects of the organization itself. But few business, political, or technical […]
Blog

Apply Now For A Scholarship To Forrester’s Security And Risk Forum

Allie Mellen September 21, 2022
A few weeks ago, I spoke with Derek Johnson from SC Media about my experiences early on in the security industry – good and bad. While some of these moments were difficult, all of them were formative and helped me better understand the current state of the security community and industry. We are blessed with […]
Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

The Challenges With Securing The Anywhere-Work Endpoint

Paddy Harrington August 19, 2022
Learn how endpoint security has been impacted by the more to anywhere work and what steps security pros can take in this preview of the Security & Risk event.
More posts