Cloud Security
As both IT vendors and buyers explore the advantages of cloud-based solutions, they must also evaluate and manage cloud security risks. Read more to get the expert guidance required.
Insights
Blog
Splunk Is Good For Cisco, But Cisco Needs To Convince Splunk Customers That Cisco Is Good For Them
On September 21, Cisco announced its intention to buy Splunk for $28 billion in cash, its largest acquisition ever and fourth this year. This is a massive investment and win for Cisco from two perspectives: observability and security. Cisco’s full-stack observability platform could catapult into relevance against established competitors overnight. Similarly, on the security side, […]
Blog
Zero Trust For Cloud Workloads? It’s Possible!
Curious about Zero Trust in the cloud? Learn more about it in this preview of our upcoming Security & Risk Forum.
Stay Ahead of Threats with These Cutting-Edge Detection Engineering Practices
Join us on Sept. 27 for a live webinar to learn how to enhance your security operations practice with agile and detection engineering practices.
Webinar
How To Enhance Your Security Operations Practice With Agile And Detection Engineering
Join us on Sept. 27 for a deep dive on detection engineering in security operations. Hear Forrester advice on best practices and the use of detection–as–code.
Blog
2003 Called, And It Doesn’t Want Its Email Security Appliances Back
Email security appliances have come a long way in the past 20 years. Learn the benefits of cloud-delivered email security.
Blog
Seize The Opportunity: The Security & Risk Enterprise Leadership Award 2023
Last month, Forrester announced its inaugural Security & Risk Enterprise Leadership Award. As former CISOs, my Forrester colleague Brian Wrozek and I are sharing our thoughts about why you should apply. There are tangible benefits to you, your team, your organization, and the greater security community. You should apply — and apply now — for […]
Blog
Black Hat USA 2023: Insights From Our Short Vegas Residency
Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]
Blog
The Big Three Hyperscalers All Have Cloud-Native ZTNA Now
Zero Trust advocates have been on a campaign to #KillTheVPN for years, largely because VPNs provide too much (implicit) access and can become the entry point for malicious activity. The replacement technology is Zero Trust network access (ZTNA), and it is how most organizations are getting into Zero Trust today. ZTNA was the darling of […]
Strenthen Security Operations With Agile SecOps
Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.
Blog
Introducing Detection Surface, The Cybersecurity Defense That Parallels Attack Surface
On traditional infrastructure (laptops, servers, workstations, on-premises network infrastructure), the attack surface was the closest match to true perimeter-based defense we could get. The network infrastructure gave access to the systems within (crunchy outside; gooey, cubicle, khakis, and blue button-downs inside). As such, detection of attacker activity was relegated to network-based activity, endpoint-based activity, and […]
Blog
To Secure Kubernetes, Think Beyond Kubernetes
Kubernetes is the de facto standard for deploying and managing application workloads and containers. Lee has written quite a bit about the power of Kubernetes as an innovation platform, but while development and architecture teams are bullish on Kubernetes, security teams can find themselves scrambling to secure Kubernetes environments as they hurtle toward production. The […]
Blog
Announcing Forrester’s Security & Risk Enterprise Leadership Award
Forrester is thrilled to announce its inaugural Security & Risk Enterprise Leadership Award, which will recognize security organizations that have transformed the security, privacy, and risk management functions to fuel long-term success. Learn how to apply here.
Blog
The CNAPP Product Category is Getting Crowded With Capabilities
Learn four key reasons why the packaging of cloud-native application protection platforms into a bundle is unnecessary and possibly even misleading.
Blog
Announcing The Forrester Wave™: Managed Detection And Response, Q2 2023
The Forrester Wave™: Managed Detection And Response (MDR), Q2 2023 is live! The MDR market continues to redefine what it means to offer a successful security service with high client satisfaction and retention rates and, as a result, extraordinary growth rates. For now, no single vendor dominates the MDR market, but providers bringing endpoint detection […]
Seven Steps To Bolstering Network Security With Zero Trust Edge
Watch this video to break down vendor ZTE hype and learn how to implement it across all endpoints in an enteprisewide networking fabric.
Blog
Protecting Against The Top Cybersecurity Threats In 2023 Requires A Balanced Approach
Get a preview of the top five cybersecurity threats — established and emerging — for this year and learn how to defend against each.
Blog
The New Major Cloud Adopters: Financial Services
Learn why financial services organizations are relying more on public cloud today for digital banking services.
Blog
Plan Now For Major Changes To Oracle Java Licensing Costs
Oracle has again changed licensing rules for its widely used Java product. On January 23, 2023, the company introduced a new license metric, the SE Universal Subscription. It offers all the benefits of the legacy Java SE subscription, plus universal use rights (desktop, server, and third-party cloud) and triage support for customers’ entire Java portfolio, […]
Blog
2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]
Blog
Get A Head Start On The National Cybersecurity Strategy
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Get More Risk Mitigation With Your 2024 Budget
Download our 2024 Planning Guide for Security and Risk Leaders to see where strategic cybersecurity investments (and divestments) can deliver more business value.
Blog
A Short History Of Financial Services In The Cloud
I’ve been working with a long list of financial services companies from various subsectors on their cloud strategies. Each wants to know how to best take advantage of cloud while meeting stringent (and shifting) regulatory requirements. It’s been a long road for financial services and cloud. Here’s a little bit of history. Financial services have […]
Blog
How CISOs Can Navigate The 2023 Downturn
CISOs must use this period of austerity to reinforce security as a core competency that drives growth and protects revenue.
Blog
Deciphering Apple’s Recently Announced Data Protection Features
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
More posts