Security management
Insights
Blog
Human Risk Management: From Talk To Action In 18 Months
Since its launch, human risk management has blossomed into a distinct and expanding market, attracting the interest and budget of many organizations. Learn about the fast evolution of HRM in this preview of our upcoming Security & Risk Summit.
Blog
Announcing The Forrester Wave™: Privileged Identity Management Solutions, Q3 2025
Learn three important factors to consider when planning a privileged identity management (PIM) deployment or enhancement in this preview of our new report on the PIM solution market.
Missed It Live? Unlock The Secrets To CIO & CISO 2026 Budget Alignment
Couldn’t join us live? Watch this on-demand session and discover how leading CIOs and CISOs align on 2026 planning, prioritize investments, and build resilient security frameworks for 2026.
Blog
Master Risk And Conquer Chaos At Forrester’s Security & Risk Summit
For leaders in security, risk, and privacy, this year has been different, with a new level of volatility fueled by geopolitics, new regulatory hurdles, relentless AI disruption, and looming quantum threats. Learn how Forrester’s Security & Risk Summit 2025 can empower you to stay ahead of the chaos, take the right risks, and secure your organization.
Blog
Palo Alto Networks Enters The Identity Security Market With $25B Purchase Of CyberArk
The third-largest cybersecurity M&A deal in history makes sense in some respects, but the track record on mega security and identity tie-ups is incomplete and unproven.
Blog
Microsoft Retires Password Management In Authenticator
Microsoft’s move to gradually retire password management capabilities in its Authenticator application will have three immediate effects.
Blog
Announcing The Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025
Vulnerability management is undergoing a seismic shift. The risk-based prioritization from vulnerability risk management (VRM) has combined with attack surface management (ASM) to form exposure management and continuous security testing — two emerging practices that prioritize visibility and prioritization over remediation and response.
Blog
Drowning In Security Data Costs? You Get A Data Lake
A common client request I’ve gotten over the past several years is how to best manage growing data costs in the security information and event management (SIEM) system.
Blog
Build Your Proactive Security Program By Matching Attacker Velocity
Effective security must mirror attacker agility. Learn how to think like an attacker and build a proactive security strategy in this preview of our upcoming Technology & Innovation Summit EMEA.
Blog
Security Planning 2026: Budget To Manage Volatility, Seize Opportunities, And Avoid Threats
Security and risk leaders face an uncertain road ahead in 2026. Wild market swings, geopolitical tensions, and increased cybersecurity threats mean that security and risk leaders must build resilient plans and make bold moves to turn volatility into opportunity. Learn how our Budget Planning Guide for security and risk leaders can help.
Blog
Announcing The Forrester Wave™: Zero Trust Platforms, Q3 2025 — Choosing A Platform Solution For Your Zero Trust Journey
The latest edition of our Zero Trust platform vendor evaluation, The Forrester Wave™: Zero Trust Platforms, Q3 2025, published today. It highlights how this market continues to improve upon delivering unified solutions that help simplify and operationalize Zero Trust for organizations. Beginning with The Zero Trust Platforms Landscape, Q1 2025, we researched major players in […]
Blog
Understanding The Real Cyber Risks Behind The Iran-Israel-US Geopolitical Tensions
When geopolitical bombs drop, cyber fallout often follows. Get five key insights to help you focus on the security strategies that matter most during times of geopolitical escalations.
Blog
AWS re:Inforce 2025 — Heavy On User Experience Enhancements, Light On The GenAI Hype
This year's AWS re:Inforce event included a big announcement and revealed other security-related enhancements. Read our top takeaways.
Summer Team Up: Security & Risk Summit
This August, seize the opportunity to elevate your team! Buy one pass for Security & Risk Summit and get one free. Don’t wait — reserve your passes today!
Blog
Announcing The Forrester Wave™: Security Analytics Platforms, Q2 2025 — The SIEM Vs. XDR Fight Intensifies
Find out how our latest analysis of the security analytics platforms space illustrates the dramatic changes this market is undergoing as legacy SIEM vendors are locked in heated competition with surging XDR providers.
Blog
Datadog DASH: A Revolving Door Of Operations And Security Announcements
Datadog’s 2025 keynote showcased a bold vision for AI-driven observability and security, unveiling a sweeping array of autonomous agents and tools designed to transform IT operations. From Bits AI SRE and Security Analyst to LLM Observability and Code Security, Datadog is trying to position itself as a central hub for operational intelligence in an increasingly algorithmic tech landscape.
Blog
Identiverse 2025 Recap: The Identity Trends Reshaping Your Identity Access Management Roadmap
I recently attended Identiverse in Las Vegas. This was my first time back at Identiverse since conference founder Ping Identity sold the conference in 2021. As identity related initiatives continue to dominate Forrester clients’ top priorities and initiatives, I felt impelled to share my perspectives and insights. Here are my five major conclusions and recommendations […]
Blog
Key Takeaways From Cisco Live 2025: Cisco’s Big Bets For Unified Security And AI
Cisco Live 2025 Focused On Three Main Themes: AI, Simplification, And Security At its annual Cisco Live event, the company delivered a clear message: It’s operationalizing AI across the core pillars of networking, security, and observability. Building on last year’s momentum with innovations like Hypershield and Splunk integration, the company has framed its vision around […]
Blog
You Don’t Need To Be Ethan Hunt To Break Into A Building
In today’s hyper-connected buildings, cybercriminals don’t need grappling hooks or disguises — just a vulnerable thermostat or door lock to breach your defenses and disrupt your operations.
Blog
Supply Chain, AI, And Operational Resilience Risks Dominate ERM Programs In 2025
For risk professionals, leading through 2025’s volatility has been like living in an “Alice in Wonderland” unreality. Risk teams have never been more important as a function to guide their businesses through challenges such as geopolitical risk events, trade disruption, economic volatility, and regulatory disruption.
Blog
Small Purchases, Big Risks: Shadow AI Use In Government
Powerful AI tools are now widely available, and many are free or low-cost. This makes it easier for more people to use AI, but it also means that the usual safety checks by governments — such as those done by central IT departments — can be skipped.
Blog
When You Can’t Change The Technology, Change Your Security Policies
When you can’t change the security of external technologies such as IoT, OT, or power infrastructure, you must adapt your internal cybersecurity policies and controls to mitigate the risks that they introduce.
More posts