Cybersecurity Trends

Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.

Insights

Blog

Call It What You Want, Cyber Risk Quantification Is Now A Must

Cody Scott 4 days ago
What do Live Nation’s Taylor Swift ticketing debacle and cyber risk have in common? Bad assumptions. Whether you confidently believe that you can anticipate record ticket demand or believe that your payment processing infrastructure is secure enough to handle it, that belief is based on an assumption, and that assumption is based on the past […]
Blog

Vehicle Security: Making Sure K.I.T.T. Doesn’t Become K.A.R.R.

Paddy Harrington 4 days ago
We ended 2022 with the announcement of a vulnerability within SiriusXM Connected Vehicle Services, which has a broad impact because of the ubiquity of these units. In 2023 the vehicle-related software vulnerabilities just keep on coming, this time within API endpoints used by vehicles’ telematics systems, an issue with a wide impact across 16 different […]

Prepare Your Infrastructure For 2023 Change

Get our Predictions 2023 guide to explore the infrastructure shifts driving transformation and resiliency.

Blog

Groundhog Day, SEC Style: Proposed Rule On Cybersecurity Risk Governance Has All The Pain Of SOX With Fewer Financial Penalties

Alla Valente 5 days ago
There’s a significant shift ahead for how public firms and their boards treat cybersecurity risk. The last two years increased the amount of cybersecurity oversight in terms of regulations and guidelines. Voluntary “recommendations” such as the National Institute of Standards and Technology’s guidelines for AI offer a starting point for safer use of artificial intelligence, […]
Blog

How CISOs Can Navigate The 2023 Downturn

Jess Burn January 30, 2023
CISOs must use this period of austerity to reinforce security as a core competency that drives growth and protects revenue.
Blog

Cybersecurity Risk Dashboards: No Value, Extreme Liability

Jeff Pollard January 30, 2023
Over the last 12 months, “risk dashboards” became all the rage in cybersecurity, with varied titles such as “risk index,” “security baseline,” “security posture,” and “risk posture.” These dashboards appear in a vendor’s user interface and purport to help security programs improve. Some even offer coveted “benchmark data” that leaders can share with boards and […]
Blog

ChatGPT: Cybersecurity Ramifications Beyond Malware

Jeff Pollard January 26, 2023
Plenty of people had fun with ChatGPT when it released, but I’m not sure any industry had more fun than cybersecurity. When first released, it turned out that ChatGPT could write code, convert code from one programming language to another, and write malware. Sure, the coherent nonsense problem persisted, but overall, it produced solid stuff. […]
Blog

External Attack Surface Management Finds Assets That Your Org Can’t See

Erik Nost January 18, 2023
The External Attack Surface Management Landscape, Q1 2023 is now available! Forrester clients can view the report to dive deeper into the benefits of EASM and key functionalities to assess when selecting an EASM vendor. As Jess Burn and I finalized this report, we couldn’t help but think that organizations that are blind to what’s […]

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

Join us for a planning webinar to learn how you can budget and align your 2023 cybersecurity plans for what’s ahead.

Blog

The Many Resources (And Acronyms) You Must Know To Prioritize Vulnerability Remediations

Erik Nost January 9, 2023
Building a robust vulnerability risk strategy takes input from multiple resources. More importantly, it requires input on factors specific to your company.
Blog

Leadership: Don’t Make It Harder Than It Is — Perspectives From A Former CISO/CSO

David Levine January 9, 2023
I’m kicking off my blog series, “Perspectives From A Former CISO,” with my thoughts on leadership. The series will pull from my experiences as a CISO and those of my peers. To be clear, I don’t purport to have the all the answers but did learn a thing to two during my tenure leading teams […]
Blog

My 2022 Airing Of Grievances And Feats Of Strength

Jinan Budge December 26, 2022
In the spirit of Festivus, I’m airing my grievances and demonstrating my feats of strength. I don’t know about you, but I didn’t enter 2022 with a full tank. I started the year by joining the hordes of people revenge-travelling/shopping/connecting/renovating (I know!). It’s no wonder I feel utterly exhausted. It’s also no wonder that I […]
Blog

Deciphering Apple’s Recently Announced Data Protection Features

Geoff Cairns December 21, 2022
Earlier this month, Apple announced several important new data protection features for general availability in 2023 that have numerous implications for security teams in all industries and geographies. Here is the Forrester security and risk team’s collective analysis of these new features. Quick Summary The announcement is not particularly noteworthy in terms of the newly […]
Blog

Enterprise Firewalls: The Security Tech That Keeps On Ticking

David Holmes December 20, 2022
Learn the three approaches enterprise firewall vendors are taking to work around a shortage of network security techs.

Federal Zero Trust Or Bust?

Learn the three steps to federal Zero Trust compliance.

Blog

’Tis The Season To Highlight Our Favorite 2022 S&R Research

Joseph Blankenship December 19, 2022
It’s December, the year is almost over, and most of us will be taking the next week off, so what better way to wrap up 2022 than with a review of some of our favorite security and risk (S&R) reports from this year? I teamed up with Senior Research Associate Alexis Tatro to highlight her […]
Blog

Announcing The Forrester Wave™: Security Analytics Platforms, Q4 2022

Allie Mellen December 14, 2022
The security analytics platform market is moving faster than it has in years, as demonstrated by these Wave results. Though Splunk still has a tight grip on the segment, competitors are finding opportunities to loosen its hold by addressing continued dissatisfaction with outdated pricing models. Hyperscalers like Microsoft are establishing themselves as top competitors through […]
Blog

Has Zero Trust Killed Defense in Depth? Or “DiD” It Refine It?

Carlos Rivera December 12, 2022
Zero Trust (ZT) continues to make waves (no pun intended), with US federal agencies now publishing guidance, such as the OMB’s M-22-09 or the DoD’s ZT strategy, for effective implementations, allowing for the government to be viewed as a source of trust in cybersecurity — although ZT is still mired in myths, and these can […]
Blog

Meet The New EMEA Cybersecurity Analyst

Tope Olufon December 5, 2022
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Blog

A Look Inside The Forrester-WISP Partnership: A Q&A With Rachel Tobac

Allie Mellen November 29, 2022
The chair of the board at Women in Security and Privacy (WISP) discusses the organization's work and how companies can partner with it to foster diversity in cybersecurity.

COVID-19: Responding, Managing, And Leading During A Pandemic

The latest insights and guidance for leaders to address the growing business and employee experience implications of COVID-19.

Blog

Acknowledging Our Love-Hate Relationship With Security Certifications

Jess Burn November 2, 2022
Security certifications don’t make you a better practitioner, they make you a better candidate. Experience and continued training and upskilling takes over from there. How do we reconcile this?
Blog

APAC Predictions 2023: Cybersecurity And Risk

Jinan Budge November 1, 2022
In 2023, APAC firms that prioritize internal security and risk cultural practices to deal with external forces will fare the best. Learn more in our 2023 predictions for cybersecurity and risk in APAC.
Blog

Predictions 2023: Security Pros Face Greater Internal Risks

Heidi Shey October 31, 2022
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
More posts