Ed Ferrara

Principal Analyst serving Security & Risk PROFESSIONALS

Ed contributes to Forrester's offerings for the Security & Risk Professional, leading the company's coverage of security metrics, security program effectiveness, security awareness, and enterprise security information architecture. Ed's research builds on his work as a highly experienced in-program manager for the design and delivery of secure information technology solutions, including strategy, process, applications, and infrastructure. He has consulted with Fortune 50 companies in the area of solution determination based on understanding the needs and the skills required to create a successful security posture for large complex organizations.

Previous Work Experience

Before coming to Forrester, Ed's background was in information security consulting, leading a global information security practice for financial services, commercial, and chemical clients. Ed is an expert in the design and delivery of secure, cost-effective, high-performance information security solutions, methodology, and standards to address complex business and security problems. Ed holds a US patent in the area of software development, specifically in the area of software requirements traceability using UML and software patterns to align business requirements with IT implementation. He has successfully developed and implemented technology and organizational change programs globally for Fortune 100 companies. Ed has strong program and project management skills, as well as, demonstrated competence in multidivision matrix management, technical management, relationship building, and projecting influence at the C-level. Ed holds the CISSP certification.

Education

Ed holds two master's degrees, in education technology and computer science from the University of Delaware and information assurance (cum laude) from Norwich University, as well as a bachelor's degree in economics from Franklin & Marshall College.

Refine your results

Date Range

Role

Methodology

Industry

Topics

Market Imperatives

Region

Vendor

40 results in Reports

  • Ed Ferrara
  • For CIO Professionals

    Report:PRISM's Impact On The US Cloud Industry

    Forrester Survey Suggests NSA Spying Has Driven More Use Of Encryption Than Migration

    Since Edward Snowden revealed the US National Security Agency's PRISM spying program, there has been widespread speculation that the announcement would ruin the fates of US cloud, hosting, and...

    • Downloads: 57
  • For Security & Risk Professionals

    Report:Quick Take: The State Of Privacy In The Union

    President Obama Introduces Privacy Initiatives With High Merit But Low Potential

    United States President Barack Obama introduced several proposed privacy initiatives in his 2015 State of the Union address and in preview comments he made to the Federal Trade Commission (FTC) the...

    • Downloads: 67
  • For Security & Risk Professionals

    Report:Measure The Effectiveness Of Your Security Operations

    Performance Management: The Security Architecture And Operations Playbook

    Information security programs have struggled with legitimacy with senior leaders for a long time. There are many reasons for this, but the root cause is the historical inability of CISOs to explain...

    • Downloads: 917
  • For Security & Risk Professionals

    Report:Understand Cybersecurity And Risk Budgets For 2015

    Benchmarks: The S&R Practice Playbook

    2014 was a watershed year for cybercrime, and companies of all sizes have noticed. Executives are now placing renewed emphasis on cybersecurity, and budgets are increasing accordingly. Chief...

    • Downloads: 271
  • For Security & Risk Professionals

    Report:Quick Take: Sony Breach — A Sad Tale Of Epic Failure That Could Have Been Avoided

    Businesses Must Prepare For Politically And Socially Motivated Cyberattacks And Cyberespionage

    Although we are in the early stages of Sony Pictures Entertainment's (SPE's) catastrophically embarrassing intrusion, there are still many lessons that security and risk (S&R) professionals can take...

    • Downloads: 264
  • For Security & Risk Professionals

    Report:Quick Take: Cisco Acquires Neohapsis

    Deal Will Expand Cisco's Capabilities In Application, Cloud, And Mobile Security

    Cisco Systems announced this week its intent to acquire closely held Chicago-based Neohapsis, a decision that will substantially broaden Cisco's consulting capabilities. Most notably, the acquisition...

    • Downloads: 36
  • For Security & Risk Professionals

    Report:Measure The Effectiveness Of Your Data Privacy Program

    Performance Management: The Data Security And Privacy Playbook

    Privacy is one of the most important and emotional issues in information security. Privacy, or the lack thereof, affects a company's management, employees, and most importantly, customers. With the...

    • Downloads: 562
  • For Security & Risk Professionals

    Report:Develop Effective Security Metrics

    Performance Management: The S&R Practice Playbook

    Establishing meaningful security metrics is a key initiative for chief information security officers (CISOs) today, and for nearly all of them, it's a struggle. Some CISOs use a broad brush approach,...

    • Downloads: 2581
  • For Security & Risk Professionals

    Report:The Forrester Wave™: Managed Security Services: North America, Q4 2014

    Tools & Technology: The S&R Practice Playbook

    Forrester's 26-criteria evaluation of managed security service providers (MSSPs) included the 13 most significant vendors in the North American market that security and risk professionals can turn to...

    • Downloads: 372
  • For Security & Risk Professionals

    Report:The Forrester Wave™: Public Cloud Platform Service Providers' Security, Q4 2014

    Public Cloud Platforms Step Up Their Security Game, But Is It Enough To Safely Deploy Critical Applications And Data To The Cloud?

    Nearly every large enterprise today is building and deploying new applications on one or more of the leading public cloud platforms. But rarely is this initiative done with the security and risk...

    • Downloads: 389
  • For CIO Professionals

    Report:Quick Take: CIOs Must Respond To Amazon's Disruptive Cloud

    Amazon's Relentless Pace Continues At re:Invent With Nine New Services

    The Amazon Web Services (AWS) re:Invent 2014 conference is something of an understatement as far as names go. This year's AWS conference was bigger than ever, with more than 13,500 attendees from 63...

    • Downloads: 161
  • For Security & Risk Professionals

    Report:Predictions 2015: Data Security And Privacy Are Competitive Differentiators

    Landscape: The Data Security And Privacy Playbook

    Love him or hate him, Edward Snowden's revelations of widespread National Security Agency (NSA) government surveillance triggered an international discussion and debate on privacy. Suddenly, the...

    • Downloads: 373
  • For Security & Risk Professionals

    Report:Create A Security Strategy That Builds Real Business Value

    Strategic Plan: The S&R Practice Playbook

    Creating and maintaining a security strategy are fundamental tasks for CISOs; the strategy is a declaration of intent and a foundation for change. Unfortunately, many strategies fail to create...

    • Downloads: 229
  • For Security & Risk Professionals

    Report:Quick Take: BAE Systems Buys SilverSky

    Acquisition Extends BAE's Analytics And Threat Intelligence Into Commercial Markets

    BAE Applied Intelligence — a subsidiary of BAE Systems — has made the next logical step to operationalize its security analytics and threat intelligence offerings by acquiring managed...

    • Downloads: 59
  • For Security & Risk Professionals

    Report:CISOs Need To Add Customer Obsession To Their Job Description

    Business Case: The S&R Practice Playbook

    In today's connected world, security is an essential feature for all digitally delivered products and services. Soon, no one will purchase a product or service if they believe the effort will pose...

    • Downloads: 213
  • For Security & Risk Professionals

    Report:Brief: Work With The US Government On Cybersecurity Innovation

    The Department Of Homeland Security Announces Funding For Cybersecurity Research

    The US Federal government's participation in cybersecurity has been burdened with false starts and political wrangling. Members of the US Congress and the Executive Branch of the US Government have...

    • Downloads: 115
  • For Security & Risk Professionals

    Report:Detecting Cyberthreats With Fraud-Based Advanced Analytics Technology

    New Security Analytics Capabilities Will Replace Traditional SIEM, And Security Service Providers Will Lead The Adoption

    Security and risk (S&R) professionals know that cyberattacks are often the first step in the complex dance of credit card theft and the fraud that results. Cyberattacks take many forms and affect...

    • Downloads: 354
  • For Security & Risk Professionals

    Report:Brief: AT&T And IBM Accelerate The Move To Utility-Based Security

    Reliable And Effective Security Utilities Free Resources So That CISOs Can Focus On Customers

    AT&T and IBM announced in February a strategic alliance to provide a set of comprehensive security services that, if successful, would define the next generation of managed security services...

    • Downloads: 160
  • For Security & Risk Professionals

    Report:Market Overview: Managed Security Services, Europe, Q2 2014

    Twenty-One Providers To Consider For Managed Security Services In The European Market

    As security and risk professionals rush to deal with new business complexities and threats, they're turning to third parties to extend their organizations' security capabilities with as much...

    • Downloads: 473
  • For Security & Risk Professionals

    Report:Top 15 Trends S&R Pros Should Watch: 2014

    Each year, analysts from across Forrester's security and risk research team draw insight from our hundreds of enterprise questions, vendor briefings, and consultations; the 25-plus research projects...

    • Downloads: 653
  • For Security & Risk Professionals

    Report:Quick Take: Stem The "Heartbleed"

    How To Fix A Broken OpenSSL Implementation And What To Do While Everyone Else Fixes Theirs

    To secure eCommerce, banking, healthcare, and other high-risk transactions, many security pros use the secure socket layer/transport layer security (SSL/TLS) protocol to encrypt sensitive information...

    • Downloads: 391
  • For Security & Risk Professionals

    Report:AWS Cloud Security

    AWS Takes Important Steps For Securing Cloud Workloads

    Security to and from the cloud is a hot topic. The notion that cloud technologies should not be used by large enterprises due to security concerns is rapidly fading. Security still ranks as the No. 1...

    • Downloads: 667
  • For Security & Risk Professionals

    Report:Twelve Recommendations For Your Security Program In 2014

    Customer Trust And Digital Disruption Are Key Considerations For Your 2014 Security Strategy

    Every winter Forrester outlines 12 important recommendations for your security and risk management strategy for the coming year. These recommendations stem from our understanding of the current state...

    • Downloads: 1003
  • For Security & Risk Professionals

    Report:Quick Take: FireEye Acquires Mandiant

    FireEye Emerging As A Leader In A New Breed Of Security Companies

    On January 2, 2014, FireEye announced its acquisition of incident response and forensics specialist Mandiant for nearly $900 million in stock and $100 million in cash. With this acquisition, FireEye...

    • Downloads: 196
  • For Security & Risk Professionals

    Report:Quick Take: Akamai Acquires Prolexic, Doubling Down On DDoS Mitigation Services

    On December 2, 2013, Akamai Technologies announced its acquisition of Prolexic Technologies, a provider (with more than 400 customers) of cloud-based DDoS protection and mitigation services for data...

    • Downloads: 160