Security management
Insights
Blog
Drowning In Security Data Costs? You Get A Data Lake
A common client request I’ve gotten over the past several years is how to best manage growing data costs in the security information and event management (SIEM) system.
Blog
Build Your Proactive Security Program By Matching Attacker Velocity
Effective security must mirror attacker agility. Learn how to think like an attacker and build a proactive security strategy in this preview of our upcoming Technology & Innovation Summit EMEA.
Blog
Security Planning 2026: Budget To Manage Volatility, Seize Opportunities, And Avoid Threats
Security and risk leaders face an uncertain road ahead in 2026. Wild market swings, geopolitical tensions, and increased cybersecurity threats mean that security and risk leaders must build resilient plans and make bold moves to turn volatility into opportunity. Learn how our Budget Planning Guide for security and risk leaders can help.
Blog
Announcing The Forrester Wave™: Zero Trust Platforms, Q3 2025 — Choosing A Platform Solution For Your Zero Trust Journey
The latest edition of our Zero Trust platform vendor evaluation, The Forrester Wave™: Zero Trust Platforms, Q3 2025, published today. It highlights how this market continues to improve upon delivering unified solutions that help simplify and operationalize Zero Trust for organizations. Beginning with The Zero Trust Platforms Landscape, Q1 2025, we researched major players in […]
Blog
Understanding The Real Cyber Risks Behind The Iran-Israel-US Geopolitical Tensions
When geopolitical bombs drop, cyber fallout often follows. Get five key insights to help you focus on the security strategies that matter most during times of geopolitical escalations.
Blog
AWS re:Inforce 2025 — Heavy On User Experience Enhancements, Light On The GenAI Hype
This year's AWS re:Inforce event included a big announcement and revealed other security-related enhancements. Read our top takeaways.
Blog
Announcing The Forrester Wave™: Security Analytics Platforms, Q2 2025 — The SIEM Vs. XDR Fight Intensifies
Find out how our latest analysis of the security analytics platforms space illustrates the dramatic changes this market is undergoing as legacy SIEM vendors are locked in heated competition with surging XDR providers.
Stop The Friction: Align CIOs & CISOs For Smarter 2026 Budget Planning
In uncertain times, teamwork is everything. Join Forrester analysts live on August 6 to align CIOs and CISOs on budget plans, prioritize smart investments, and fortify your security for 2026.
Blog
Datadog DASH: A Revolving Door Of Operations And Security Announcements
Datadog’s 2025 keynote showcased a bold vision for AI-driven observability and security, unveiling a sweeping array of autonomous agents and tools designed to transform IT operations. From Bits AI SRE and Security Analyst to LLM Observability and Code Security, Datadog is trying to position itself as a central hub for operational intelligence in an increasingly algorithmic tech landscape.
Blog
Identiverse 2025 Recap: The Identity Trends Reshaping Your Identity Access Management Roadmap
I recently attended Identiverse in Las Vegas. This was my first time back at Identiverse since conference founder Ping Identity sold the conference in 2021. As identity related initiatives continue to dominate Forrester clients’ top priorities and initiatives, I felt impelled to share my perspectives and insights. Here are my five major conclusions and recommendations […]
Blog
Key Takeaways From Cisco Live 2025: Cisco’s Big Bets For Unified Security And AI
Cisco Live 2025 Focused On Three Main Themes: AI, Simplification, And Security At its annual Cisco Live event, the company delivered a clear message: It’s operationalizing AI across the core pillars of networking, security, and observability. Building on last year’s momentum with innovations like Hypershield and Splunk integration, the company has framed its vision around […]
Blog
You Don’t Need To Be Ethan Hunt To Break Into A Building
In today’s hyper-connected buildings, cybercriminals don’t need grappling hooks or disguises — just a vulnerable thermostat or door lock to breach your defenses and disrupt your operations.
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
Blog
Small Purchases, Big Risks: Shadow AI Use In Government
Powerful AI tools are now widely available, and many are free or low-cost. This makes it easier for more people to use AI, but it also means that the usual safety checks by governments — such as those done by central IT departments — can be skipped.
Blog
When You Can’t Change The Technology, Change Your Security Policies
When you can’t change the security of external technologies such as IoT, OT, or power infrastructure, you must adapt your internal cybersecurity policies and controls to mitigate the risks that they introduce.
Blog
Decoding The Naming Game: Why Standardizing Threat Actor Names Alone Won’t Enhance Your Security Posture Or Response
Microsoft, CrowdStrike, Palo Alto Networks, and Mandiant recently announced a new initiative to create an aggregate and standardized glossary of threat actors. Learn the benefits and limitations of standardizing threat actor names.
Blog
Sudo Coming To Windows? Pretty Much, Yeah
Windows 11 introduces a new security feature that separates admin and user roles, bringing a sudolike experience to the desktop.
Blog
Worldcoin Orb Identity Verification Device Faces Headwinds In Mass Adoption
Last week, identity verification and authentication startup World (which was cofounded by OpenAI cofounder Sam Altman) announced that it is broadening operations of its Orb device in the US.
Showcase Your Security & Risk Innovation With A Forrester Award
Get recognized for excellence in security, privacy, and risk innovation. Apply for a Forrester Security & Risk Enterprise Leadership Award to celebrate your success in creating resilient operations.
Blog
Coinbase Flips The Coin On Would-Be Extortionists
In a recent example of why managing insider risk is critical, cryptocurrency exchange Coinbase announced that it was the target of an extortion scheme enabled by insiders. Learn more about the incident and how to protect against it in this blog.
Blog
Tackling Cloud Security: US Federal Edition
Back in 2007, the first US federal CIO, Vivek Kundra, was appointed. Shortly after in December of 2010, he launched one of the world’s first “cloud-first” initiatives, making many US federal agencies such as the General Services Administration (GSA) some of the earlier innovators in this arena.
Blog
Overregulation Forges A CISO Coalition With The G7 Letter
A coalition of over 40 chief information security officers (CISOs) from leading companies, including Salesforce, Microsoft, AWS, Mastercard, and Siemens, sent a letter to the G7 and OECD, urging them to take action on aligning international cybersecurity regulations.
More posts