Cybersecurity Trends
Stay up-to-date on the cutting edge of cybersecurity with insights on Zero Trust, vendors, regulations, and other privacy & security topics.
Insights
Blog
MITRE-geddon Averted, But Fragility In CVE Processes Remains
This week, we saw the CVE process, as we know it, come hours from the brink of collapse when a memo started circulating on LinkedIn that DHS would cut funding to MITRE’s CVE cataloging on April 16. MITRE’s role in the CVE process is the crucial first step in assigning IDs to vulnerabilities so that practitioners, vendors, researchers, and governments across the globe can consistently reference the same vulnerability. The process also allows for responsible disclosures and accountability for vulnerabilities to software companies.
Blog
Government Leaders: Prioritize Cyber Efficiency Amid Federal Volatility
Government agencies at the federal, state, and local levels must prepare for a future where they experience uncertainty, headcount reductions, contract cancellations, and budget cuts. This is gut-wrenchingly difficult to process, yet remaining leaders must figure out how to move forward to serve the mission. For public sector cybersecurity leaders, this is even more paramount. […]
Turn Uncertainty Into Opportunity
Market volatility isn’t a roadblock — it’s your launchpad. With Forrester’s expert resources, you can optimize costs, lead with confidence, and turn challenges into growth.
Blog
Forrester’s Top Threats For 2025
2025 started with a bang! Technology and geopolitics are changing so fast that many can’t keep track of the latest trends, with an announcement of new, benchmark-shattering genAI-related tech seemingly every week.
Blog
RSAC 2025 Early Stage Expo Preview: AppSec, IAM, GenAI, SecOps, And More
As we put together our game plan for what to see at RSA Conference 2025, we wanted to scope out innovation, identify which vendor booths will be a must-see, and (at least for one of us) minimize the number of steps to take around the Moscone Center.
Blog
New Year, New Us: Introducing Forrester’s International Security & Risk Team Research
Dive into our backgrounds, existing research, and capabilities. As a team, we cover a multitude of security and risk priorities. We are also geographically distributed; no one else is as uniquely positioned to add this level of global perspective to our research and our clients.
Blog
How CISOs Can Thrive Amid Economic Volatility
In today’s unpredictable economic climate, CISOs face familiar — but intensified — challenges. Get some actionable insights to help navigate through turbulent times in this preview of a new report.
Blog
Generative AI Innovation In Security Tools Is Finally Getting Interesting
The core themes of The-C2 conference in London were artificial intelligence, supply chain security, and cyber hygiene. Get a closer look at how these themes may impact security professionals in this recap.
Turn Uncertainty Into Opportunity
Market volatility isn’t a roadblock — it’s your launchpad. With Forrester’s expert resources, you can optimize costs, lead with confidence, and turn challenges into growth.
Blog
Address The Whole Person To Impact Insider Risk
One of the main themes from the recent Insider Summit was that insider risk is very much a human problem, not a technology problem. Find out more in this review of the event.
Blog
To Thrive Through Volatility, Master These Three Areas
There’s no end in sight for the current disruption, but making the right strategic moves will help you come out ahead.
Blog
Top Recommendations For CISOs In 2025: Deal With Uncertainty … Again
The security landscape continues to evolve, as does global uncertainty, leaving CISOs preparing for turbulence ahead.
Blog
Cybersecurity’s Latest Buzzword Has Arrived: What Agentic AI Is And Isn’t
As vendors come out of the woodwork announcing their “agentic AI” innovations, we explore what the term truly encompasses and what is hype.
Blog
The Brewing Battle For Digital Online Age Verification
With online identity verification well understood and maturing, the next brewing verification battle is around age verification, a subset of identity verification.
Showcase Your Security & Risk Innovation With A Forrester Award
Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations. Apply by July 23, 2025.
Blog
How I Apply Third-Party Lab Results In My Security Operations Research
Last week, I attended the AV-Comparatives conference in Innsbruck, Austria. This conference brought together many cybersecurity vendors, particularly those with a European focus, as well as a few nonprofits, academic institutions, and analyst firms.
Blog
Announcing The Forrester Wave™: Managed Detection And Response Services, Q1 2025!
The third installment of The Forrester Wave™: Managed Detection And Response Services is now live, and there’s so much to love about the managed detection and response (MDR) services market: fantastic providers, engaged clients, and meaningful outcomes. This year is no different. Forrester clients can access the full report here. As we mentioned in Choose […]
Blog
Detect, Defend, Deny: Zero Trust World 2025
Cybersecurity vendor ThreatLocker recently hosted its fifth annual Zero Trust World (ZTW) conference in Orlando, welcoming attendees from 28 countries to learn about Zero Trust principles and ThreatLocker offerings. Over two days, the event celebrated Zero Trust as a cybersecurity model and the ThreatLocker approach for achieving Zero Trust. Industry leaders, managed service providers, security […]
Blog
The UK Government Is Ready To Embrace AI, But Without Trust, It Risks Disaster
A commitment to trustworthy AI is paramount to keep the enthusiasm going and avoid backlash — particularly as safety takes a backseat to security.
Blog
Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes
MITRE released its latest Enterprise MITRE ATT&CK Evaluations in December of 2024. At that time, we published a blog with a quick overview of the results. Today, we’re excited to announce that we have released three new pieces of research about this round of evaluations.
Blog
Deepfakes Are Here: Here’s What To Do
In the last two years, growing concerns around the proliferation of and advances in deepfakes has raised concerns around their potential to impede adoption of facial and voice biometrics.
Blog
Assessment Is Anyone’s Guess: Proving GOAT Status Requires Validation
As spectators tuned in to Super Bowl LIX to indulge in American culture rife with consumerism, T. Swift, and rap feuds, the buzz was less around the game and more on determining who is pro football’s GOAT (greatest of all time).
Blog
Choose Your Own MDR Adventure: Avoid The Free-For-All Of “New” MDR Services
Managed detection and response (MDR) — without a doubt — has successfully claimed the crown of all managed security services for making and keeping clients happy.
More posts