Cybersecurity Trends

Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.

Insights

Blog

Phantom Phishing Haunts The Inbox

Jess Burn 3 days ago
Recently, my colleagues and I highlighted some haunted happenings that kicked off Cybersecurity Awareness Month with a scream. Today, I’d like to tell you a little ghost story of my own. The data is in from the Forrester Analytics Business Technographics® Security Survey, 2021. When we asked those respondents who suffered an external attack in the last year how that attack was carried out, 31% of them reported […]
Read More
Blog

CISOs And The Next Era Of Security Visibility: Observability

Jeff Pollard 4 days ago
For security leaders and practitioners, it seems like developers and IT teams get all the cool toys, and security pros get stuck with the hand-me-downs. Dev was first to cloud, IT followed, and security warily joined in. IT had patch management while security just scanned to see if the patches weren’t there; and security orchestration, […]
Read More

Get Our 2022 Predictions First

Sign up to get an alert the minute Forrester's 2022 Predictions are available, and be the first to know about the dynamics impacting your organization in the year ahead.

Blog

Perspectives On One Identity’s Acquisition Of OneLogin

Merritt Maxim October 8, 2021
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]
Read More
Blog

Halloween Comes Early For Syniverse, FB, And Twitch — What We Can Learn From Their Spooky Outages Plus Breaches

Jeff Pollard October 7, 2021
As renowned ghost hunter and solver of mysteries Scooby-Doo would say, “Ruh roh, Raggy!” It looks like more than ghosts are wreaking havoc on haunted networks. We’re less than a full week into October, and Cybersecurity Awareness Month isn’t quite taking shape the way we expected. Ostensibly, orgs decided to pivot and use this time […]
Read More
Blog

What Security Market Definitions Tell Practitioners

Allie Mellen September 29, 2021
One of the biggest challenges of being a security industry analyst is finding when and how to define new market segments. We both had to do this recently — Jeff with managed detection and response and Allie with extended detection and response (XDR). The most common question we get from security vendors confused as to […]
Read More
Blog

The Application Security Market Will Grow To $12.9 Billion By 2025

Sandy Carielli September 23, 2021
Application security budgets are on the rise. Find out which sectors of the market will see the most dramatic investment and why.
Read More
Blog

Promoting Responsibility, Compliance, And Good Judgment Without Fear, Shame, Or Acrimony

Jinan Budge September 22, 2021
Security programs founded in fear will reduce employee engagement and stifle creativity. Learn how to nurture positive behavior and foster a more positive security culture.
Read More

Security & Risk

Learn how to leverage trust to win, grow, and retain customers at our Security & Risk event Nov. 9–10.

Blog

Introducing The Forrester Now Tech: Cybersecurity Consulting In APAC — A Push Toward New Pricing And Delivery Models

Jinan Budge September 13, 2021
I am thrilled to announce the release of our latest Now Tech: Cybersecurity Consulting Services In Asia Pacific, Q3 2021. This report (available to Forrester clients) showcases Forrester’s overview of 24 cybersecurity consulting providers in Asia Pacific. Our clients leverage these insights to understand the diverse set of vendors by size, capability, geography, and vertical […]
Read More
Blog

Security Leaders: It’s Time To Facilitate Employee Productivity, Not Hinder It

Andrew Hewitt September 13, 2021
As new generations enter the workforce, your security strategy needs to meet their needs as well. Get tips on how to strike the right balance in this blog post.
Read More
Blog

CISOs And The Trust Imperative

Jeff Pollard September 10, 2021
There is no executive role that better aligns with the trust imperative than the CISO. Find out why and how it may impact your organization directly.
Read More
Blog

European Organizations Struggle To Attain Diversity In Their CISO Leadership Roles

Paul McKay August 26, 2021
Written with Zaklina Ber, senior research associate, Forrester Forrester analyzed the career backgrounds of 168 chief information security officers (CISOs) with public profiles who are working for major organizations in Europe with listings in the highest stock market indexes in the UK (FTSE 100), France (CAC 40), Germany (DAX 30), Italy (FTSE MIB), Spain (IBEX […]
Read More
Podcast

The Rising Cost Of Ransomware

What It Means August 19, 2021
What’s driving the increase in ransomware attacks, and what can security leaders do to protect their organizations? Analysts Allie Mellen and Steve Turner provide insight in this episode.
Listen Now
Blog

Software Composition Analysis Is A Core Tool To Protect Your Software Supply Chain

Sandy Carielli August 18, 2021
Over the past year, breaches such as SolarWinds and Kaseya have woken us up to the realities of software supply chain risk. Whether through infiltrating the software delivery pipeline, deliberately uploading malicious components to popular repositories, or taking advantage of existing vulnerabilities in open source components, attackers are leveraging gaps in supply chain controls to […]
Read More
Podcast

Causes And Cures For Toxic Culture In The Security Org

What It Means July 29, 2021
There’s a culture crisis in the IT security field that could be putting firms at risk. Learn about the causes and cures of a toxic security culture from Principal Analyst Jinan Budge in this episode of What It Means.
Listen Now
Blog

XDR FAQ — Frequently Asked Questions On Extended Detection And Response

Allie Mellen July 22, 2021
Learn about the origin, architecture, and applications of extended detection and response (XDR) from analyst Allie Mellen.
Read More
Blog

It’s Christmas In July For Three Threat Intelligence Startups

Brian Kime July 19, 2021
Christmas came early for three vendors in the threat intelligence and attack surface management space this past week. In a reported all-cash $500 million deal (no need for layaway when your market cap is north of $2 trillion), Microsoft acquired threat intelligence and attack surface management vendor RiskIQ. In Europe, Swedish vulnerability risk management firm […]
Read More
Blog

The Space Wide Web Is Ready To Launch

Phil Brunkard July 12, 2021
The Space Tech Industry Is Looking Up The new space race is truly underway following Richard Branson’s monumental first passenger trip to space, beating Jeff Bezos’ Blue Origin passenger flight by more than a week. The Virgin Galactic’s VSS Unity spacecraft did not pass the so-called Karman line, unlike Jeff Bezos’ plans. It did, however, […]
Read More
Blog

It’s Time For The Infosec Industry To Address Gender Bias And Bullying Head On

Jinan Budge July 11, 2021
The week of June 28 was a big one (not in a good way) for showcasing the persistence and depth of harassment and exclusion for women in cybersecurity. Those on infosec social media were flooded with bikini selfies protesting the harassment that a woman received for posting her own bikini selfie. Men and women took […]
Read More
Blog

The Cyber Insurance Roller Coaster: As Demand Speeds Up, Some Insurers Disembark

Heidi Shey June 28, 2021
The first half of 2021 has been anything but quiet for cyber insurance. Forrester has seen a steady flow of client inquiries on the topic, with questions coming in not just from the private sector but also from the public sector. Some are trying to navigate acquiring a cyber insurance policy for the first time, […]
Read More
Blog

Forrester’s List Of Ransomware Resources

Jeff Pollard June 24, 2021
With ransomware continuing as a high-impact problem (with seemingly no end in sight), we’ve put together some useful ransomware resources for security practitioners. Security and risk (S&R) pros can use these resources to help prevent, protect, detect, and respond to ransomware outbreaks. The links below are a mixture of Forrester’s own research and third-party links. […]
Read More
More posts