Search Results

• Report The Forrester Wave™: DDoS Mitigation Solutions, Q1 2021

  The 11 Providers That Matter Most And How They Stack Up

  March 3, 2021 | David Holmes

  In our 28-criterion evaluation of DDoS mitigation solution providers, we identified the 11 most significant ones — A10 Networks, Akamai Technologies, Alibaba Cloud, Amazon Web Services, Cloudflare,...

• Report A Practical Guide To A Zero Trust Implementation

  Roadmap: The Zero Trust Security Playbook

  March 3, 2021 | Steve Turner, David Holmes, Chase Cunningham

  Zero Trust is becoming the security model of choice for enterprises and governments alike. However, security leaders often don't know where to begin to implement it, or they feel daunted by the...

• Report Forrester Infographic: Static Application Security Testing Usage Aimed At Developers

  March 2, 2021 | Sandy Carielli

  Customers of the vendors evaluated in "The Forrester Wave™: Static Application Security Testing, Q1 2021" push greater adoption of static application security testing (SAST) as a critical DevSecOps...

• Report Forrester Infographic: Retail CISO Career Paths

  March 2, 2021 | Jeff Pollard

  Seventy-nine percent of retail and consumer product companies from the Fortune 500 have a dedicated CISO with a public presence. To understand the skills, experience, and education that qualify...

• Report The Forrester New Wave™: Cybersecurity Risk Ratings Platforms, Q1 2021

  The Seven Providers That Matter Most And How They Stack Up

  February 25, 2021 | Paul McKay, Alla Valente

  In Forrester's evaluation of the emerging market for cybersecurity risk ratings, we identified the seven most significant providers in the category — BitSight, Black Kite (previously Normshield),...

• Report Forrester Infographic: CISO Career Paths 2.0

  February 10, 2021 | Jeff Pollard

  This is a 2020 update of our 2017 analysis of CISO backgrounds and current career profiles. We analyzed data from CISOs and heads of security in the Fortune 500 via LinkedIn to understand the...

• Report Use Forrester's CISO Strategic Canvas To Align Security With Business

  Strategic Plan: The S&R Practice Playbook

  February 10, 2021 | Jeff Pollard, Jinan Budge

  Security leaders know it's critical to align their efforts to the business, speak their business colleagues' language, and show support for business objectives. But with never-ending inbound...

• Report Best Practices And Trends: Voice Biometrics

  Voice Biometrics Can Improve Security And Customer Experience

  February 10, 2021 | Andras Cser, Sean Ryan

  Voice biometrics offers improved account access security and user experience. Modern voice biometrics solutions resist replay attacks and have improved in accuracy and performance in the past five...

• Report Remove The Mystery From Security Metrics

  Performance Management: The S&R Practice Playbook

  February 5, 2021 | Jeff Pollard

  CISOs continue to have difficulty creating meaningful security metrics despite a decade of discussion. Without good metrics, the security organization can't participate in business conversations...

• Report Build A High-Performance, Customer-Obsessed Security Organization

  Executive Overview: The S&R Practice Playbook

  February 2, 2021 | Joseph Blankenship

  CISOs must rapidly evolve to become business managers who protect their firm's brand, strengthen its reputation, and build customer trust. To do so, CISOs need far more than just the latest...

• Report How To Integrate Threat Intelligence Into Your Security Program

  Reducing Risk And Uncertainty To Your Organization With Threat Intelligence

  January 15, 2021 | Brian Kime

  An effective security architecture requires insights into your organization's threat landscape, but many S&R professionals are disappointed in the results of their threat intelligence efforts. This...

• Report How To Manage The Human Risk In Cybersecurity

  Continuous Improvement: The S&R Practice Playbook

  January 13, 2021 | Jinan Budge

  Traditional approaches to security communication are limited to perfunctory one-off training sessions that fail to take customers, regulators, and other external stakeholders into account and...

• Report The Forrester Wave™: Static Application Security Testing, Q1 2021

  The 12 Providers That Matter Most And How They Stack Up

  January 11, 2021 | Sandy Carielli

  In our 28-criterion evaluation of static application security testing (SAST) providers, we identified the 12 most significant ones — CAST, Checkmarx, GitHub, GitLab, HCL Software, Micro Focus,...

• Report The State Of Network Security, 2020 To 2021

  Benchmarks: The Zero Trust Security Playbook

  January 7, 2021 | David Holmes, Heidi Shey

  This data-driven report outlines budgeting and spending, security group responsibilities, network security technology, and services adoption in North American and European organizations for 2020 to...

• 

  Playbook The Zero Trust Security Playbook For 2021

  Defend Your Digital Business From Advanced Cyberattacks Using Forrester's Zero Trust Model

  In today's threat landscape, skilled, organized, well-funded cybercriminals are working to steal your data — the lifeblood of your digital business — in pursuit of economic, political, or military...

  Read more of the Executive Overview >

• Report Now Tech: External Threat Intelligence Services, Q4 2020

  Forrester's Overview Of 30 External Threat Intelligence Services Providers

  December 28, 2020 | Brian Kime, Elsa Pikulik

  You can use external threat intelligence services to reduce the risk of vulnerability exploitation, protect your brand's reputation, and monitor and track cyberthreats. But to realize these...

• Report Don't Ignore Security In Low-Code Development

  Low-Code Mitigates Some Security Risks — But "Citizen Developers" Bring New Challenges

  December 23, 2020 | Sandy Carielli, John Bratincevic

  The low-code movement can turn anyone into a developer, but it can't turn anyone into a security-aware developer. Low-code platforms abstract away some security risks, but other security...

• Report Gauge Your Data Security And Privacy Maturity

  Assessment: The Data Security And Privacy Playbook

  December 18, 2020 | Enza Iannopollo, Heidi Shey

  To transition from an organization that treats privacy and data security as compliance requirements to achieve the lowest possible cost to one that champions privacy and uses its technology prowess...

• Report Now Tech: Managed Detection And Response Services Providers, Q4 2020

  Forrester's Overview Of 42 Managed Detection And Response Providers

  December 16, 2020 | Jeff Pollard

  You can use managed detection and response (MDR) to attain significant expertise to help drive detection and response, become proactive rather than reactive, and choose what the security team will...

• Report Multinational Firms Must Quickly Adapt To The UK's Divergence From EU Privacy Standards

  December 3, 2020 | Enza Iannopollo

  With Brexit negotiations coming to an end and a deal with the EU still out of sight, data protection matters are more uncertain than ever. Meanwhile, the UK data protection regulator is softening...

• Report The Forrester Wave™: Security Analytics Platforms, Q4 2020

  The 11 Providers That Matter Most And How They Stack Up

  December 1, 2020 | Joseph Blankenship, Claire O'Malley

  In our 27-criterion evaluation of security analytics platform providers, we identified the 11 most significant ones — Exabeam, FireEye, Gurucul, IBM Security, LogRhythm, Micro Focus, Microsoft,...

• Report Define A Roadmap To Accelerate Your Security Program

  Roadmap: The S&R Practice Playbook

  December 1, 2020 | Jinan Budge, Paul McKay

  Turning strategy into action reveals a CISO's worth. A solid security roadmap is the best way to do this; it guides implementation efforts, shows support for key business initiatives, and explains...

• Report Gauge Your GRC Program Maturity

  Assessment: The Governance, Risk, And Compliance Playbook

  November 6, 2020 | Renee Murphy, Alla Valente

  Risk management pros must objectively assess their governance, risk, and compliance (GRC) program to identify gaps and highlight strengths to successfully create a roadmap for improvements. This...

• Forum Security & Risk Global

  Leading the Way

  September 22, 2020 | Live Virtual Experience | Laura Koetzle, Stephanie Balaouras, Heidi Shey

  As attackers get more sophisticated and new technologies emerge, the strategies to protect your organization’s valuable data must also evolve. Attend Security & Risk to learn about...

• Report The Zero Trust eXtended Ecosystem: Data

  Landscape: The Data Security And Privacy Playbook

  August 11, 2020 | Heidi Shey, Chase Cunningham

  Data security is a key pillar of Zero Trust. Security leaders must use standalone data security technologies as well as data security capabilities within adjacent security technologies and...