As businesses compete to win and retain customers concerned about the privacy of their data, more firms are learning the value of a robust and effective security architecture. Get benchmarks and technical guidance here.
2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]
Get A Head Start On The National Cybersecurity Strategy
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Unlock The Secret To 2023 Tech Success
Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.
Five Reasons Why CISOs Should Report To CEOs
Cybersecurity problems won’t disappear, but CISOs who are elevated in the organization run better cybersecurity programs.
A Zero Trust Paradox: Which Comes First, Microsegmentation Or Microperimeter?
The common trope, “What came first, the chicken or the egg?” is a question about origins and paradoxical relationships. Security and risk conversations about microsegmentation and microperimeters suffer from a similar dilemma. These two concepts are heavily emphasized in Zero Trust conversations as key components to advance maturity. Security and risk pros confuse the usage […]
Cybersecurity Risk Dashboards: No Value, Extreme Liability
Over the last 12 months, “risk dashboards” became all the rage in cybersecurity, with varied titles such as “risk index,” “security baseline,” “security posture,” and “risk posture.” These dashboards appear in a vendor’s user interface and purport to help security programs improve. Some even offer coveted “benchmark data” that leaders can share with boards and […]
External Attack Surface Management Finds Assets That Your Org Can’t See
The External Attack Surface Management Landscape, Q1 2023 is now available! Forrester clients can view the report to dive deeper into the benefits of EASM and key functionalities to assess when selecting an EASM vendor. As Jess Burn and I finalized this report, we couldn’t help but think that organizations that are blind to what’s […]
Ringing In The New Year With Minimum Viable Security
Learn the benefits of implementing a minimum viable security strategy and get some clear next steps on putting it into practice at your organization.
Prepare Your Infrastructure For 2023 Change
Get our Predictions 2023 guide to explore the infrastructure shifts driving transformation and resiliency.
Meet The New EMEA Cybersecurity Analyst
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Enterprise Browsers Reignite The Browser Wars But This Time For Businesses
I’ve been in the IT industry long enough to remember the start of the “browser wars,” when Internet Explorer took on Netscape in the late 1990s. Product names such as Mosaic, Netscape, “IE,” and Mozilla (and its next iteration with Firefox) were all part of the browser market development. Safari came along for Mac in […]
In The Mature WAF Market, Product Offerings Continue To Expand
At first glance, the web application firewall (WAF) market — populated by long time vendors with robust partner programs, extensive supporting services, and a slew of customer engagement opportunities — may seem like a space that has topped out. However, changes in how organizations develop and deploy applications — more hybrid cloud, more APIs, more […]
Shape Your 2023 Cybersecurity Priorities For Uncertain Times
As 2023 approaches, security leaders are hard at work planning for the cybersecurity trends headed our way – setting budgets, developing plans, and establishing priorities. Is your plan on track?
Meet The New Analyst Covering IAM: Geoff Cairns
What Topics Will You Be Covering At Forrester? I am very excited to be covering identity and access management (IAM), with a focus on the workforce environment (business to employee). I will also collaborate with Forrester’s other IAM analyst, Andras Cser. Some areas and topics that I hope to explore include: How to optimize workforce […]
Shape Your 2023 Cybersecurity Priorities For Uncertain Times
Join us for a planning webinar to learn how you can budget and align your 2023 cybersecurity plans for what’s ahead.
New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
The US Pipeline Industry Catches A Break, But Now Is Not The Time To Be Complacent
The Transportation Security Administration's relaxing of rules based on industry feedback is welcome. Yet the days of nonexistent or voluntary cybersecurity regulations for critical infrastructure are ending.
US Federal Government Continues Cybersecurity Leadership With New OMB Memo
The guidance in the new memorandum enables federal civilian agencies to properly assign cyber-initiative funding toward the most critical areas. Here, we take a closer look.
Meet The New Analyst Covering OT Security: Brian Wrozek
What Topics Will You Be Covering At Forrester? I am very excited to be covering security and risk for operational technology (OT) environments, including the critical infrastructure and manufacturing industries. This is a growing area of concern because OT-specific attacks are increasing and the stakes are higher regarding the potential impact to human safety and […]
The Reaper Comes For Cyber Unicorns
While the economic downturn is in its early stages, it looks as though the hypergrowth phase of the cybersecurity vendor party has reached an abrupt end.
Meet The New Analyst Covering Vulnerability Risk Management: Erik Nost
What Topics Will You Be Covering at Forrester? I am very excited to be covering vulnerability risk management (VRM) at Forrester, including threat modeling and management and penetration testing. Some of the areas in VRM that I hope to explore include: Vulnerability risk prioritization, especially with new “zero days” hitting at what seems like every […]
Microsoft Launches MDR And Hops On The Everything-As-A-Service Bandwagon
Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.
Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse
The Coppola classic has a few surprising parallels with today's chief information security officer.