Zero Trust Model

As data security becomes a business imperative for every company and industry, leveraging a Zero Trust security framework (ZTX) can streamline the path to compliance. Learn more about Forrester’s Zero Trust research and framework here.

Discover how Forrester supports IT leaders.

Insights

Blog

High-Performance IT: Security Enters The Chat

Sandy Carielli February 8, 2024
You've heard about high-performance IT. Now learn how the CISO and the security organization fits into this new technology model.
Blog

VMware Customers: Brace For Impact

Tracy Woo November 22, 2023
With the VMware-Broadcom deal set for closing, what should you know? Learn five key things VMware customers can expect in the coming years.

Strenthen Security Operations With Agile SecOps

Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.

Podcast

Zero Trust Past, Present, And Future

What It Means October 12, 2023
Zero Trust has evolved since its earliest iterations, but it’s never been more vital than it is today. In this episode, Principal Analyst David Holmes discusses the origins of Zero Trust and its future impact on driving business value.
Blog

A Deep Dive Into The Forrester Wave™: Zero Trust Edge Solutions, Q3 2023

David Holmes August 29, 2023
Get an inside look at the industry’s first evaluation of all-in-one Zero Trust Edge (ZTE) solutions, which some vendors call secure software-defined WAN (SD-WAN) and others call secure access service edge (SASE).
Blog

Introducing The Zero Trust Threat Detection And Response Tech Tide™

Heath Mullins August 8, 2023
As a mariner, I know the value of paying attention to the tides to navigate complex waterways in previously untraveled waters. This Tech Tide™ enables security and risk pros to identify wasteful and redundant technologies while focusing on the current attack surface. As attacks increase in sophistication, Zero Trust threat detection and response has become […]
Blog

Decoding The New Zero Trust Terminology

David Holmes April 27, 2023
Over the last year, I’ve been scared of two things. Our research teams have been planning and publishing a ton of research around Zero Trust, and since we’re analysts, new terminology, and comorbid acronyms, have emerged. My first fear was that all these new terms would confuse both the readers and the market. The second […]
Blog

Asset Management May Make Minds Meander, But Mastery Is Core To Zero Trust

Tope Olufon April 26, 2023
At some point in every organization’s security journey, the problem of asset management inevitably comes up. Solutions are often cosmetic and don’t tackle fundamental issues or provide real visibility. As more organizations chart their Zero Trust course, the asset management problem comes up a lot more, as you cannot mediate what you do not know, […]

Don't Get Misled By Unrealistic AI And Security Expectations

Learn the truth behind ML’s madness, how AI and security (really) work in detection and response, and red-flag claims to avoid.

Blog

All Aboard: Chart Your Course To Zero Trust Intermediate

David Holmes March 9, 2023
Organizations around the world are embarking on their Zero Trust journeys. Often, these voyages are undertaken without a complete understanding of the destination: Zero Trust maturity. Reaching a level of Zero Trust maturity requires careful planning and a steady course to get there. Forrester recently published a report to help security and IT pros achieve […]
Blog

Zero Trust Comes Into The Mainstream In Europe

Tope Olufon March 3, 2023
Until recently, discussions about Zero Trust (ZT) in Europe focused on the what and why. The last year has seen a significant shift in the market, and organizations have now begun focusing on the how. European organizations see significant value in adopting Zero Trust and have taken steps to prioritize adoption. This trend is driven […]
Blog

Get A Head Start On The National Cybersecurity Strategy

Jeff Pollard March 2, 2023
This blog outlines Forrester’s existing Security & Risk research to help organizations navigate, manage, and prepare their organizations for the implications of the National Cybersecurity Strategy.
Blog

Success With Zero Trust Lives And Dies By Executive Support

Allie Mellen February 7, 2023
Forrester originated the Zero Trust Model over a decade ago and defines Zero Trust as: An information security model that denies access to applications and data by default. Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices. Zero Trust advocates […]
Blog

Enterprise Firewalls: The Security Tech That Keeps On Ticking

David Holmes December 20, 2022
Learn the three approaches enterprise firewall vendors are taking to work around a shortage of network security techs.

Seven Ways To Bolster Network Security Using Zero Trust Edge

Learn how to implement ZTE across all endpoints in an enterprisewide networking fabric.

Blog

’Tis The Season To Highlight Our Favorite 2022 S&R Research

Joseph Blankenship December 19, 2022
It’s December, the year is almost over, and most of us will be taking the next week off, so what better way to wrap up 2022 than with a review of some of our favorite security and risk (S&R) reports from this year? I teamed up with Senior Research Associate Alexis Tatro to highlight her […]
Blog

Meet The New EMEA Cybersecurity Analyst

Tope Olufon December 5, 2022
Meet Tope Olufon, the new analyst covering cybersecurity in EMEA.
Blog

Redefining Data Security For The Modern Age

Heidi Shey August 30, 2022
Learn how to redefine data security in an age of multicloud, anywhere work, edge computing, and changing privacy regulations.
Blog

New Security & Risk Planning Guide Helps CISOs Set 2023 Priorities

Merritt Maxim August 23, 2022
Which security technologies should be getting the investment in 2023, and which ones should you be scaling back on? Read a few key takeaways from our planning guide for security and risk leaders.
Blog

US Federal Government Continues Cybersecurity Leadership With New OMB Memo

Heath Mullins July 29, 2022
The guidance in the new memorandum enables federal civilian agencies to properly assign cyber-initiative funding toward the most critical areas. Here, we take a closer look.

Get More Risk Mitigation With Your 2024 Budget

Download our 2024 Planning Guide for Security and Risk Leaders to see where strategic cybersecurity investments (and divestments) can deliver more business value.

Blog

SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition

David Holmes March 15, 2022
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]
Blog

Chronicles Of Mandiant: Google Put A Ring On It

Jeff Pollard March 8, 2022
Mandiant trades up from FireEye and finds a home within Google Cloud Platform.
Blog

OMB’s Zero Trust Strategy: Government Gets Good

David Holmes February 1, 2022
What a time to be alive! Hot on the heels of Forrester’s release of our definition of modern Zero Trust (ZT), the US Office of Management and Budget (OMB) released a memo entitled Moving the US Government Toward Zero Trust Cybersecurity Principles. Coincidence? Yes. A big deal? Also, yes. If executed as mandated, not only […]
More posts