security architecture
As businesses compete to win and retain customers concerned about the privacy of their data, more firms are learning the value of a robust and effective security architecture. Get benchmarks and technical guidance here.
Insights
Blog
Announcing The Forrester Wave™: Zero Trust Platform Providers, Q3 2023
Get an inside look at some of the highlights and findings from the new Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report.
Blog
Exposure Management Looks To Usurp Vulnerability Management, But Is The New Emperor Wearing Any Clothes?
Hans Christian Anderson’s classic tale of the emperor that gets duped into a fancy, new, and invisible wardrobe provides lessons in swindling, pride, and truth. It’s only when the emperor struts in front of the commoners that a child finally states, “Wait a minute — there’s nothing to this outfit. He’s not wearing anything.” As […]
Global
Don’t Miss Our Live 2024 Predictions Deep Dive
Join us on January 18 to hear from the tech, CX, and B2B analysts behind our 2024 global predictions and get an important generative AI update from Forrester’s CEO, George Colony.
Podcast
Zero Trust Past, Present, And Future
Zero Trust has evolved since its earliest iterations, but it’s never been more vital than it is today. In this episode, Principal Analyst David Holmes discusses the origins of Zero Trust and its future impact on driving business value.
Blog
The CISO And CIO Microsoft Security Dilemma: Fend Off Or Learn To Love?
Should CISOs fend off Microsoft to keep their preferred products or embrace consolidation? Find out in this blog.
Blog
Announcing The Forrester Wave™: Vulnerability Risk Management, Q3 2023
Vulnerability risk management (VRM) solutions look very different today than they did in 2019. Learn what's changed in our new Wave report.
Webinar
Enhance Your Security Operations Practice With Agile And Detection Engineering
Get a deep dive on detection engineering in security operations. Hear Forrester advice on best practices and the use of detection–as–code.
Blog
Seize The Opportunity: The Security & Risk Enterprise Leadership Award 2023
Last month, Forrester announced its inaugural Security & Risk Enterprise Leadership Award. As former CISOs, my Forrester colleague Brian Wrozek and I are sharing our thoughts about why you should apply. There are tangible benefits to you, your team, your organization, and the greater security community. You should apply — and apply now — for […]
60% Of Skeptics Will Use (And Love!) GenAI
Surprised? Download Forrester’s 2024 Predictions guide to see why progress will be driven by exploration — and 14 other global predictions on AI, privacy, B2B buyers, hybrid work, and more.
Blog
Black Hat USA 2023: Insights From Our Short Vegas Residency
Black Hat USA 2023: Insights From Our Short Vegas Residency Black Hat has gone from being RSAC’s smaller tech and practitioner-focused cousin to being a commercial showcase for cybersecurity vendors. A tightly packed, noisy Business Hall included over 300 vendors and 400 organizations with booths, which was great for swag but bad for anyone with […]
Blog
Post-Quantum Security: Have You Started Your Journey?
The European Policy Centre recently published a quantum cybersecurity agenda for Europe in July 2023. This is yet another example of raising awareness and issuing calls to action for post-quantum security preparations. This follows the World Economic Forum and Deloitte issuing a perspective on transitioning to a quantum-secure economy in 2022. Also in late 2022, […]
Blog
Introducing The Zero Trust Threat Detection And Response Tech Tide™
As a mariner, I know the value of paying attention to the tides to navigate complex waterways in previously untraveled waters. This Tech Tide™ enables security and risk pros to identify wasteful and redundant technologies while focusing on the current attack surface. As attacks increase in sophistication, Zero Trust threat detection and response has become […]
Blog
The Busy Security Leader’s Guide To The National Cybersecurity Strategy Implementation Plan
Security and risk leaders beware, the Biden Administration released the next major step in its plan to implement the National Cybersecurity Strategy (NCS) on July 13, 2023. The National Cybersecurity Strategy Implementation Plan (NCSIP) includes 65 federal initiatives across five pillars aimed at increasing cybersecurity investment, assigning federal agencies to specific initiatives, and giving timelines […]
Blog
Introducing Detection Surface, The Cybersecurity Defense That Parallels Attack Surface
On traditional infrastructure (laptops, servers, workstations, on-premises network infrastructure), the attack surface was the closest match to true perimeter-based defense we could get. The network infrastructure gave access to the systems within (crunchy outside; gooey, cubicle, khakis, and blue button-downs inside). As such, detection of attacker activity was relegated to network-based activity, endpoint-based activity, and […]
Stay Ahead Of Threats With Detection And Response Engineering
Enhance your security operations by learning the latest detection and response engineering practices.
Blog
Announcing Forrester’s Security & Risk Enterprise Leadership Award
Forrester is thrilled to announce its inaugural Security & Risk Enterprise Leadership Award, which will recognize security organizations that have transformed the security, privacy, and risk management functions to fuel long-term success. Learn how to apply here.
Blog
VRM And SOC Teams Can Benefit From Each Other
We’re excited to announce our latest research on vulnerability risk management (VRM) and security operations center (SOC) teams. VRM and SOC teams are pivotal parts of the security organization, with different responsibilities but shared challenges. When Allie and I kicked off our research on interlocks between these teams earlier this year, we weren’t sure what […]
Blog
The CNAPP Product Category is Getting Crowded With Capabilities
Learn four key reasons why the packaging of cloud-native application protection platforms into a bundle is unnecessary and possibly even misleading.
Blog
Announcing The Vulnerability Risk Management Landscape, Q2 2023
What do organizations use VRM for? Learn the five top use cases in this preview of our new report: The Vulnerability Risk Management Landscape, Q2 2023.
Blog
The Microsegmentation Plot Thickens
Inquiries about microsegmentation (also called Zero Trust segmentation) have been rising steadily, especially since the start of the year. This is great, because it means people are getting serious about Zero Trust (microsegmentation is the super-serious part). All these phone calls are prompting me to share my latest thoughts on the subject, so here we […]
Strenthen Security Operations With Agile SecOps
Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.
Webinar
Ransomware Defense For Constrained State And Local Budgets
Explore the state of ransomware vulnerability for state and local governments — and how you can protect your agency with limited resources.
Blog
Plan Now For Major Changes To Oracle Java Licensing Costs
Oracle has again changed licensing rules for its widely used Java product. On January 23, 2023, the company introduced a new license metric, the SE Universal Subscription. It offers all the benefits of the legacy Java SE subscription, plus universal use rights (desktop, server, and third-party cloud) and triage support for customers’ entire Java portfolio, […]
Blog
2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]
More posts