The Security Snapshot: Improving Your Security Posture During A Global Crisis
The COVID-19 global pandemic was top of mind for security leaders (and everyone else) during the second quarter of 2020. Forrester’s security and risk (S&R) team focused on pandemic recovery and looked at myriad ways to renew your security program and give it new life — from the development of talent and the future of the chief information security officer (CISO) to top trends and recommendations.
The list below is a sample of the reports the S&R team published in Q2 2020 that you can use to fend off cyberattacks, improve your security program, and retain experienced cyberprofessionals.
- Each year, Forrester outlines the most important recommendations for your security strategy for the coming 12 months. We base these recommendations on thousands of client inquiries and interactions, consulting engagements, and dozens of primary research interviews with CISOs, security vendors, major security consultancies, and service providers. CISOs, leverage this report to guide your security program strategy and prioritize changes to security architecture and operations for the coming year: Top Recommendations For Your Security Program, 2020.
- S&R analysts drew insight from client inquiries, research projects, and industry perspectives to uncover the top 10 security technologies to watch, especially during the current COVID-19 pandemic. S&R pros should use this report to cut through the hype and assess technologies that will disrupt security and risk practices over the next three years: The Top Security Technology Trends To Watch, 2020.
- Firms that want to secure applications are challenged by understaffed security teams and a lack of security awareness on the part of developers. Developer security champions are developers who act as a security point of contact in their team. The programs to create and support them, however, require investment and planning. S&R pros should read this report to learn how to build an effective, long-term developer security champions program to create more secure applications: Build A Developer Security Champions Program.
- Complacency, lack of diversity, and a focus on technologies over people are threats to the business. In an environment of competitive hiring and fast-evolving threats, security leaders must invest in professional development and growth for themselves and their staff to create a positive team culture and environment. Read this report to learn more: Maintain Your Security Edge: Develop And Retain Cybersecurity Talent.
- The pandemic has accelerated online customer interactions exponentially, putting pressure on businesses to deliver a secure and optimal customer experience. S&R pros are challenged with building a comprehensive customer identity and access management (CIAM) strategy for their digital businesses. This report provides job descriptions and an overview of the skills required to manage CIAM effectively. It also details hiring best practices, the typical organizational ownership of CIAM, and how it works with other technology management and business teams: Building A Customer-Obsessed IAM Team.
- Many S&R pros continue to struggle to sustain identity and access management (IAM) as a top business technology priority. S&R pros who succeed at nurturing their internal and external IAM programs consistently track and communicate metrics that demonstrate not only quantifiable savings but also business benefits. In this report, Forrester uses the Balanced Scorecard approach to detail the most relevant IAM metrics for security, compliance, administration efficiency, and business agility: Develop Actionable Business-Centric Identity And Access Management Metrics.
- Being customer obsessed creates advantage and resiliency in times of change or difficulty. This is especially true for CIAM: A secure customer experience throughout the customer’s journey and the availability of CIAM functions pave the way for secure and low-friction customer acquisition and retention. This report gives S&R pros the rationale and guidance to implement Forrester’s customer-obsessed IAM operating model: The Forrester Customer-Obsessed Identity And Access Management Operating Model.
- Becoming a CISO is challenging, and these security leaders find themselves in situations where they’re forced to conform, rather than excel. This report outlines types of CISOs, including the background, behaviors, and characteristics that will help security leaders identify their brand and be true to it. In this report, security leaders will develop an elevator pitch that defines who they are, the situations they’re looking for, and what they want next for their careers: The Future Of The CISO.
- Security teams must stay focused to serve their primary purpose of protecting customers and employees from malicious attackers. However, because of the pressure and stress that security pros face, toxic culture abounds. To keep security pros motivated and creative, CISOs must acknowledge and address the sources of toxic culture. Use this report to understand the primary sources of toxic culture and how to fix them: Fix Toxic Security Culture Before It Kills Your Innovation.
(written with Alexis Bouffard, research associate at Forrester)