Cloud Security

As both IT vendors and buyers explore the advantages of cloud-based solutions, they must also evaluate and manage cloud security risks. Read more to get the expert guidance required.

Insights

Blog

Splunk Is Good For Cisco, But Cisco Needs To Convince Splunk Customers That Cisco Is Good For Them

Allie Mellen 4 days ago
On September 21, Cisco announced its intention to buy Splunk for $28 billion in cash, its largest acquisition ever and fourth this year. This is a massive investment and win for Cisco from two perspectives: observability and security. Cisco’s full-stack observability platform could catapult into relevance against established competitors overnight. Similarly, on the security side, […]
Blog

Zero Trust For Cloud Workloads? It’s Possible!

Andras Cser September 12, 2023
Curious about Zero Trust in the cloud? Learn more about it in this preview of our upcoming Security & Risk Forum.

Stay Ahead of Threats with These Cutting-Edge Detection Engineering Practices

Join us on Sept. 27 for a live webinar to learn how to enhance your security operations practice with agile and detection engineering practices.

Webinar

How To Enhance Your Security Operations Practice With Agile And Detection Engineering

Join us on Sept. 27 for a deep dive on detection engineering in security operations. Hear Forrester advice on best practices and the use of detection–as–code. 
Blog

2003 Called, And It Doesn’t Want Its Email Security Appliances Back

Joseph Blankenship August 24, 2023
Email security appliances have come a long way in the past 20 years. Learn the benefits of cloud-delivered email security.
Blog

Seize The Opportunity: The Security & Risk Enterprise Leadership Award 2023

David Levine August 22, 2023
Last month, Forrester announced its inaugural Security & Risk Enterprise Leadership Award. As former CISOs, my Forrester colleague Brian Wrozek and I are sharing our thoughts about why you should apply. There are tangible benefits to you, your team, your organization, and the greater security community. You should apply — and apply now — for […]
Blog

Black Hat USA 2023: Insights From Our Short Vegas Residency

Jeff Pollard August 21, 2023
Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]
Blog

The Big Three Hyperscalers All Have Cloud-Native ZTNA Now

David Holmes August 7, 2023
Zero Trust advocates have been on a campaign to #KillTheVPN for years, largely because VPNs provide too much (implicit) access and can become the entry point for malicious activity. The replacement technology is Zero Trust network access (ZTNA), and it is how most organizations are getting into Zero Trust today. ZTNA was the darling of […]

Strenthen Security Operations With Agile SecOps

Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.

Blog

Introducing Detection Surface, The Cybersecurity Defense That Parallels Attack Surface

Allie Mellen June 26, 2023
On traditional infrastructure (laptops, servers, workstations, on-premises network infrastructure), the attack surface was the closest match to true perimeter-based defense we could get. The network infrastructure gave access to the systems within (crunchy outside; gooey, cubicle, khakis, and blue button-downs inside). As such, detection of attacker activity was relegated to network-based activity, endpoint-based activity, and […]
Blog

To Secure Kubernetes, Think Beyond Kubernetes

Sandy Carielli June 22, 2023
Kubernetes is the de facto standard for deploying and managing application workloads and containers. Lee has written quite a bit about the power of Kubernetes as an innovation platform, but while development and architecture teams are bullish on Kubernetes, security teams can find themselves scrambling to secure Kubernetes environments as they hurtle toward production. The […]
Blog

Announcing Forrester’s Security & Risk Enterprise Leadership Award

Stephanie Balaouras June 21, 2023
Forrester is thrilled to announce its inaugural Security & Risk Enterprise Leadership Award, which will recognize security organizations that have transformed the security, privacy, and risk management functions to fuel long-term success. Learn how to apply here.
Blog

The CNAPP Product Category is Getting Crowded With Capabilities

Andras Cser May 30, 2023
Learn four key reasons why the packaging of cloud-native application protection platforms into a bundle is unnecessary and possibly even misleading.
Blog

Announcing The Forrester Wave™: Managed Detection And Response, Q2 2023

Jeff Pollard May 18, 2023
The Forrester Wave™: Managed Detection And Response (MDR), Q2 2023 is live! The MDR market continues to redefine what it means to offer a successful security service with high client satisfaction and retention rates and, as a result, extraordinary growth rates. For now, no single vendor dominates the MDR market, but providers bringing endpoint detection […]

Seven Steps To Bolstering Network Security With Zero Trust Edge

Watch this video to break down vendor ZTE hype and learn how to implement it across all endpoints in an enteprisewide networking fabric.

Blog

Protecting Against The Top Cybersecurity Threats In 2023 Requires A Balanced Approach

Brian Wrozek May 1, 2023
Get a preview of the top five cybersecurity threats — established and emerging — for this year and learn how to defend against each.
Blog

The New Major Cloud Adopters: Financial Services

Tracy Woo May 1, 2023
Learn why financial services organizations are relying more on public cloud today for digital banking services.
Blog

Plan Now For Major Changes To Oracle Java Licensing Costs

Steven Russman April 10, 2023
Oracle has again changed licensing rules for its widely used Java product. On January 23, 2023, the company introduced a new license metric, the SE Universal Subscription. It offers all the benefits of the legacy Java SE subscription, plus universal use rights (desktop, server, and third-party cloud) and triage support for customers’ entire Java portfolio, […]
Blog

2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up

Jeff Pollard March 6, 2023
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

Get More Risk Mitigation With Your 2024 Budget

Download our 2024 Planning Guide for Security and Risk Leaders to see where strategic cybersecurity investments (and divestments) can deliver more business value.

Blog

A Short History Of Financial Services In The Cloud

Tracy Woo February 28, 2023
I’ve been working with a long list of financial services companies from various subsectors on their cloud strategies. Each wants to know how to best take advantage of cloud while meeting stringent (and shifting) regulatory requirements. It’s been a long road for financial services and cloud. Here’s a little bit of history. Financial services have […]
Blog

How CISOs Can Navigate The 2023 Downturn

Jess Burn January 30, 2023
CISOs must use this period of austerity to reinforce security as a core competency that drives growth and protects revenue.
Blog

Deciphering Apple’s Recently Announced Data Protection Features

Geoff Cairns December 21, 2022
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
More posts