security architecture

As businesses compete to win and retain customers concerned about the privacy of their data, more firms are learning the value of a robust and effective security architecture. Get benchmarks and technical guidance here.

Learn more about how Forrester supports IT professionals.

Insights

Blog

2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up

Jeff Pollard March 6, 2023
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.

Unlock The Secret To 2023 Tech Success

Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.

Blog

Five Reasons Why CISOs Should Report To CEOs

Jeff Pollard February 21, 2023
Cybersecurity problems won’t disappear, but CISOs who are elevated in the organization run better cybersecurity programs.
Blog

A Zero Trust Paradox: Which Comes First, Microsegmentation Or Microperimeter?

Carlos Rivera February 21, 2023
The common trope, “What came first, the chicken or the egg?” is a question about origins and paradoxical relationships. Security and risk conversations about microsegmentation and microperimeters suffer from a similar dilemma. These two concepts are heavily emphasized in Zero Trust conversations as key components to advance maturity. Security and risk pros confuse the usage […]
Blog

Cybersecurity Risk Dashboards: No Value, Extreme Liability

Jeff Pollard January 30, 2023
Over the last 12 months, “risk dashboards” became all the rage in cybersecurity, with varied titles such as “risk index,” “security baseline,” “security posture,” and “risk posture.” These dashboards appear in a vendor’s user interface and purport to help security programs improve. Some even offer coveted “benchmark data” that leaders can share with boards and […]
Blog

External Attack Surface Management Finds Assets That Your Org Can’t See

Erik Nost January 18, 2023
The External Attack Surface Management Landscape, Q1 2023 is now available! Forrester clients can view the report to dive deeper into the benefits of EASM and key functionalities to assess when selecting an EASM vendor. As Jess Burn and I finalized this report, we couldn’t help but think that organizations that are blind to what’s […]
Blog

Ringing In The New Year With Minimum Viable Security

Sandy Carielli January 17, 2023
Learn the benefits of implementing a minimum viable security strategy and get some clear next steps on putting it into practice at your organization.

Prepare Your Infrastructure For 2023 Change

Get our Predictions 2023 guide to explore the infrastructure shifts driving transformation and resiliency.

Blog

Meet The New EMEA Cybersecurity Analyst

Tope Olufon December 5, 2022
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Blog

Enterprise Browsers Reignite The Browser Wars But This Time For Businesses

Paddy Harrington November 4, 2022
I’ve been in the IT industry long enough to remember the start of the “browser wars,” when Internet Explorer took on Netscape in the late 1990s. Product names such as Mosaic, Netscape, “IE,” and Mozilla (and its next iteration with Firefox) were all part of the browser market development. Safari came along for Mac in […]
Blog

In The Mature WAF Market, Product Offerings Continue To Expand

Sandy Carielli September 27, 2022
At first glance, the web application firewall (WAF) market — populated by long time vendors with robust partner programs, extensive supporting services, and a slew of customer engagement opportunities — may seem like a space that has topped out. However, changes in how organizations develop and deploy applications — more hybrid cloud, more APIs, more […]
Webinar

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

As 2023 approaches, security leaders are hard at work planning for the cybersecurity trends headed our way – setting budgets, developing plans, and establishing priorities. Is your plan on track?
Blog

Meet The New Analyst Covering IAM: Geoff Cairns

Geoff Cairns August 25, 2022
What Topics Will You Be Covering At Forrester? I am very excited to be covering identity and access management (IAM), with a focus on the workforce environment (business to employee). I will also collaborate with Forrester’s other IAM analyst, Andras Cser. Some areas and topics that I hope to explore include: How to optimize workforce […]

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

Join us for a planning webinar to learn how you can budget and align your 2023 cybersecurity plans for what’s ahead.

Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

The US Pipeline Industry Catches A Break, But Now Is Not The Time To Be Complacent

Brian Wrozek August 11, 2022
The Transportation Security Administration's relaxing of rules based on industry feedback is welcome. Yet the days of nonexistent or voluntary cybersecurity regulations for critical infrastructure are ending.
Blog

US Federal Government Continues Cybersecurity Leadership With New OMB Memo

Heath Mullins July 29, 2022
The guidance in the new memorandum enables federal civilian agencies to properly assign cyber-initiative funding toward the most critical areas. Here, we take a closer look.
Blog

Meet The New Analyst Covering OT Security: Brian Wrozek

Brian Wrozek July 27, 2022
What Topics Will You Be Covering At Forrester? I am very excited to be covering security and risk for operational technology (OT) environments, including the critical infrastructure and manufacturing industries. This is a growing area of concern because OT-specific attacks are increasing and the stakes are higher regarding the potential impact to human safety and […]
Blog

The Reaper Comes For Cyber Unicorns

Jeff Pollard June 13, 2022
While the economic downturn is in its early stages, it looks as though the hypergrowth phase of the cybersecurity vendor party has reached an abrupt end.

Federal Zero Trust Or Bust?

Learn the three steps to federal Zero Trust compliance.

Blog

Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost

Erik Nost May 11, 2022
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]
Blog

Microsoft Launches MDR And Hops On The Everything-As-A-Service Bandwagon

Jeff Pollard May 10, 2022
Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
More posts