Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.
Zero Trust Finally Moves From Concept To Reality For Asia Pacific Firms
Forrester started covering Zero Trust (ZT) adoption in APAC in early 2020, when Zero Trust was largely touted as a buzzword in our region. At the time, this inaugural APAC-specific ZT research showed that, while ZT was already mainstream in the US and Europe, it was slowly but surely gaining adoption in APAC. Fast-forward two […]
CISO Influence Gone Awry: When Buy-In Goes Wrong
When Buy-In Goes Wrong — Perspectives From A Former CISO/CSO In my last blog, I talked about how “it takes a village” from the perspective of the job being bigger than any one person and the many benefits of being involved in the CISO community to leverage the collective power of a broad support base. […]
Defend Your Local Agency From Ransomware
Don't let resources limit your ransomware security. Attend our May 24th webinar to explore a ransomware playbook for success and what to do if ransomware strikes.
VRM And SOC Teams Can Benefit From Each Other
We’re excited to announce our latest research on vulnerability risk management (VRM) and security operations center (SOC) teams. VRM and SOC teams are pivotal parts of the security organization, with different responsibilities but shared challenges. When Allie and I kicked off our research on interlocks between these teams earlier this year, we weren’t sure what […]
Defending AI Models: From Soon To Yesterday
Enterprise adoption of fine-tuned large language models is already underway, forcing cybersecurity teams to learn quickly how to protect them.
Announcing The Vulnerability Risk Management Landscape, Q2 2023
What do organizations use VRM for? Learn the five top use cases in this preview of our new report: The Vulnerability Risk Management Landscape, Q2 2023.
Announcing The Forrester Wave™: Managed Detection And Response, Q2 2023
The Forrester Wave™: Managed Detection And Response (MDR), Q2 2023 is live! The MDR market continues to redefine what it means to offer a successful security service with high client satisfaction and retention rates and, as a result, extraordinary growth rates. For now, no single vendor dominates the MDR market, but providers bringing endpoint detection […]
The Microsegmentation Plot Thickens
Inquiries about microsegmentation (also called Zero Trust segmentation) have been rising steadily, especially since the start of the year. This is great, because it means people are getting serious about Zero Trust (microsegmentation is the super-serious part). All these phone calls are prompting me to share my latest thoughts on the subject, so here we […]
Put Public-Sector 2023 Success Into Perspective
Join us for a Predictions 2023 webinar on the staffing and data integrity pressures to plan for now.
The World Lags With SBOM Requirements, But Likely Not For Long
The US Executive Order on Improving the Nation’s Cybersecurity ignited an evolution in software supply-chain security that breaches such as the ones on SolarWinds and Colonial Pipeline fueled. Putting teeth behind the Executive Order, an Office of Management and Budget September 2022 memorandum allows agencies to request a software bill of materials (SBOM) from suppliers. […]
Ransomware Defense For Constrained State And Local Budgets
Explore the state of ransomware vulnerability for state and local governments — and how you can protect your agency with limited resources.
Insights From The 2023 RSA Conference: Generative AI, Quantum, And Innovation Sandbox
RSAC 2023 is a wrap! The Forrester security and risk team had 11 attendees at the RSA Conference last week. We really enjoyed meeting with clients and colleagues old and new — and now we’re exhausted. It’s no mystery why; as a team, we collectively participated in over 230 meetings and took more than 1.5 […]
Wonder Twin Powers, Activate! Cyber Risk Ratings And Third-Party Risk Platforms Are More Powerful Together
Third-party risk management and cyber risk ratings fight better together, making security and risk professionals the beneficiaries of the alliance.
Harnessing CISO Collective Power
Lone Wolf Or Wolf Pack? Perspectives From A Former CISO/CSO One of the most valuable, important, and rewarding things I did during my tenure as a CISO/CSO was becoming involved in the CISO community. There are plenty of leaders who choose to go down the CISO path primarily on their own, and perhaps for some, […]
Unlock The Secret To 2023 Tech Success
Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.
Protecting Against The Top Cybersecurity Threats In 2023 Requires A Balanced Approach
Get a preview of the top five cybersecurity threats — established and emerging — for this year and learn how to defend against each.
Decoding The New Zero Trust Terminology
Over the last year, I’ve been scared of two things. Our research teams have been planning and publishing a ton of research around Zero Trust, and since we’re analysts, new terminology, and comorbid acronyms, have emerged. My first fear was that all these new terms would confuse both the readers and the market. The second […]
The EU Cyber Solidarity Act Will Fail If It Is Stunted By Geopolitics And Protectionism
On 18 April 2023, the European Commission adopted a proposal for the EU Cyber Solidarity Act to strengthen cybersecurity capabilities in the EU. The proposed act will support detection and awareness of cybersecurity threats, bolster preparedness of critical entities, reinforce solidarity, and improve crisis management and response capabilities across member states. Additionally, the Commission presented […]
Don’t Ignore Your Employee Offboarding Processes
How offboarding is handled not only impacts your organization directly — it can also have a lasting effect on how others perceive your organization. Our two latest reports can help leaders mitigate the risks.
What I’m Looking For At RSA Conference 2023
The countdown begins! I’ve confirmed the last 1:1 meeting spot on my calendar. The Forrester team is preparing for a panel discussion and topic tables at our client meet-and-greet event. I’m glad that track sessions and keynotes will also be available on demand. I aim to attend a few in person, but I know I’ll […]
Generative AI Goes Mainstream In Security With Microsoft Security Copilot
Typically, security is late to the game with technology innovation. Before we get to see innovative technology, we have to wait for it to matter to security. This time, however, is different. In January, we predicted how the announcement of ChatGPT could change cybersecurity, and today, our predictions were validated again with the announcement of […]
The US Government Is Here And Really Wants To Help Protect You From Ransomware
Ransomware Vulnerability Warnings Are Coming To A Critical Infrastructure Near You The US Cybersecurity and Infrastructure Security Agency (CISA) launched the Ransomware Vulnerability Warning Pilot (RVWP) in January 2023 in response to ongoing concerns about the threat of ransomware. This is the CISA’s ransomware-centric take on external attack surface management for critical infrastructure. The RVWP pilot […]
Impressions From Mobile World Congress 2023
Mobile World Congress 2023 shows that there is still a lot of dynamism in the tech sector and gives attendees insights into networks, cloud infrastructure, and the emerging world of connected solutions.