Cybersecurity Trends

Microsoft recently announced Defender Vulnerability Management is available in a 120-day public preview as as a standalone, endpoint detection and response (EDR)-agnostic option. Defender for Endpoint Plan 2 customers have the option to purchase new add-on capabilities, while Defender for Endpoint Plan 1 customers will need to purchase the full standalone version. This release is […]

The US Cybersecurity and Infrastructure Security Agency and other government agencies will continue to weigh in on vulnerability and patch management. Be prepared to respond.

Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.

Hello, my name is Fahad Ehsan, and I am the newest analyst on the Forrester’s security and risk team. I will be joining Frederic Giron, Jinan Budge, and David Holmes, conducting research on managed security service providers, vulnerability management, Zero Trust, and cloud security. Tell Us About Yourself I was born and raised in Lahore, […]

BISOs operate on behalf of the CISO, serving as an advisor to the business unit’s functional leaders. They also engage as a member of the business unit’s senior leadership team to understand, discuss, and advise on the intersection of strategic priorities and key IT and security risks.

The toughest battle SOC analysts face every day should not be with the technology they use. Analyst Experience (AX) will help solve that problem.

Nearly two-thirds of organizations were breached in the past year, and it cost them an average of $2.4 million per breach. Our recent survey results dive into these and other findings.

The Coppola classic has a few surprising parallels with today's chief information security officer.

An entry-level cybersecurity role has requirements much closer to an intermediate one, our research shows. What else should security leaders keep in mind to attract the right candidates?

We’ve all been on a site visit to a managed security services (MSS) provider’s security operations center (SOC), where your prospective MSS provider shows you yet another set of screens with big “pew-pew maps” with little dots and lines going haywire where it has seen cyberattacks. These maps are about as useful as an NFT: […]

The security awareness and training (SA&T) market has been stagnant for so long, with the last major disruption as far as I can tell being the introduction of phishing simulations about a decade or so ago. Since then, the industry seems to have seen a slow and steady evolution from ticking boxes to meet a […]

Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]

Mandiant trades up from FireEye and finds a home within Google Cloud Platform.

Forrester predicts that in 2022, one in 10 experienced security pros will exit the industry. This brain drain is the result of a few dynamics colliding: poor financial and advancement incentives; general stress and burnout impacting security teams; and cybersecurity’s dirty little secret, workplace toxicity! And cybersecurity isn’t immune to the hidden epidemic impacting women’s ability […]

Risk management leaders in Europe and worldwide are already being impacted by the war in Ukraine and the sanctions imposed on Russian and Belarusian actors. Forrester analysts provide their guidance in this post.

Eleven things you can do now to reduce your risks and exposure to the cyber threats related to the war.

Thanks to a few end-of-2021 personal challenges, I was not able to write this blog earlier. I decided, however, that it’s never too late to announce research in which we invested over four months (and over a year of prework and research): The Forrester Wave™: Cybersecurity Consulting Providers In Asia Pacific, Q4 2021. This is […]

Get tips on how improving application security can help you secure your products and retain the trust of your customers.

Get a preview of some new Forrester research to help evolve your cybersecurity and privacy practices to meet new threats and ensure confident customer and employee interactions.