Security Services

Get information on the latest security services trends and let Forrester help you protect your organization’s digital assets.

Discover how Forrester supports IT professionals.

Insights

Blog

Generative AI Goes Mainstream In Security With Microsoft Security Copilot

Allie Mellen 4 days ago
Typically, security is late to the game with technology innovation. Before we get to see innovative technology, we have to wait for it to matter to security. This time, however, is different. In January, we predicted how the announcement of ChatGPT could change cybersecurity, and today, our predictions were validated again with the announcement of […]
Blog

2023 Security Recommendations: Protect Your Ass(ets) And Lawyer Up

Jeff Pollard March 6, 2023
Forrester recently published Top Recommendations For Your Security Program, 2023 for CISOs and other senior cybersecurity and technology leaders. This year’s overarching theme involves protection (as you might expect) — but not exactly in the way you’d think in the context of security. In 2023, our recommendations fall into three major strategic themes for security […]

Unlock The Secret To 2023 Tech Success

Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.

Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

Five Reasons Why CISOs Should Report To CEOs

Jeff Pollard February 21, 2023
Cybersecurity problems won’t disappear, but CISOs who are elevated in the organization run better cybersecurity programs.
Blog

Cybersecurity Risk Dashboards: No Value, Extreme Liability

Jeff Pollard January 30, 2023
Over the last 12 months, “risk dashboards” became all the rage in cybersecurity, with varied titles such as “risk index,” “security baseline,” “security posture,” and “risk posture.” These dashboards appear in a vendor’s user interface and purport to help security programs improve. Some even offer coveted “benchmark data” that leaders can share with boards and […]
Blog

Meet The New EMEA Cybersecurity Analyst

Tope Olufon December 5, 2022
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Blog

Predictions 2023: Security Pros Face Greater Internal Risks

Heidi Shey October 31, 2022
On top of the usual challenges, in 2023, security pros will see more risk coming from internal forces, such as enabling anywhere work and the future of the office. Learn more in our 2023 predictions.
Blog

Cyber Grant Program Is Welcome News For Small Governments

Erik Nost September 21, 2022
Local governments have become frequent targets of cyber attacks, and funding and planning for preventing for more attacks have been left largely to the local level. A new initiative is changing that.
Webinar

Shape Your 2023 Cybersecurity Priorities For Uncertain Times

As 2023 approaches, security leaders are hard at work planning for the cybersecurity trends headed our way – setting budgets, developing plans, and establishing priorities. Is your plan on track?
Blog

To Drive Trust, Minimum Viable Product Needs Minimum Viable Security

Sandy Carielli August 30, 2022
What does minimum viable product planning have to do with security and customer trust? Find out in this preview of our upcoming Security & Risk North America event.
Blog

Five Reasons To Buy A Service Before A Product

Jeff Pollard August 17, 2022
Learn why moving away from legacy thinking on products and services leads to far better outcomes.
Blog

Asia Pacific MSS Firms Are The New “Minions” In “The Incredibles” Suits

Fahad Ehsan August 2, 2022
For many years, managed security services providers (MSSPs) have been sold as shining knights and superheroes that will come to the rescue and solve all of your security problems. From what we have seen, this is far from the truth, and most MSSPs have not been able to provide a consistent client experience. The problem […]
Blog

The Reaper Comes For Cyber Unicorns

Jeff Pollard June 13, 2022
While the economic downturn is in its early stages, it looks as though the hypergrowth phase of the cybersecurity vendor party has reached an abrupt end.
Blog

Microsoft Launches MDR And Hops On The Everything-As-A-Service Bandwagon

Jeff Pollard May 10, 2022
Everything-eventually-becomes-a-service which Microsoft demonstrates by launching its own version of managed detection & response. We discuss what CISOs need to know, how it will impact the market, and what to look for next.
Blog

Meet Fahad Ehsan, Forrester’s Newest Security And Risk Analyst

Fahad Ehsan April 22, 2022
Hello, my name is Fahad Ehsan, and I am the newest analyst on the Forrester’s security and risk team. I will be joining Frederic Giron, Jinan Budge, and David Holmes, conducting research on managed security service providers, vulnerability management, Zero Trust, and cloud security. Tell Us About Yourself I was born and raised in Lahore, […]
Blog

Announcing Analyst Experience: SOC Analysts Finally Escape The Shackles Of Bad UX

Jeff Pollard April 18, 2022
The toughest battle SOC analysts face every day should not be with the technology they use. Analyst Experience (AX) will help solve that problem.
Blog

Our 2022 Top Recommendations For Your Security Program: CISOs Get An Offer They Can’t Refuse

Jeff Pollard April 6, 2022
The Coppola classic has a few surprising parallels with today's chief information security officer.
Blog

The Return Of The Forrester Wave™: Cybersecurity Incident Response Services

Jess Burn April 4, 2022
The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 is now live! This is the first evaluation of cybersecurity incident response service (CIRS) providers we’ve published since March of 2019. Remember 2019? Ah, those halcyon pre-pandemic days … back when most of us were traveling freely, meeting in person, blissfully unfamiliar with the challenges of […]
Blog

European MSS Firms Are Letting Down Their Customers By Providing More “Pew-Pew Maps” And Noise Rather Than Remediation Support

Paul McKay March 28, 2022
We’ve all been on a site visit to a managed security services (MSS) provider’s security operations center (SOC), where your prospective MSS provider shows you yet another set of screens with big “pew-pew maps” with little dots and lines going haywire where it has seen cyberattacks. These maps are about as useful as an NFT: […]
Blog

Chronicles Of Mandiant: Google Put A Ring On It

Jeff Pollard March 8, 2022
Mandiant trades up from FireEye and finds a home within Google Cloud Platform.
More posts