Andras Cser

Bots are bigger than the security team. Conversations with security professionals concerned about bots often start with credential stuffing attacks, but the bot landscape is much broader and can directly impact your top line. Even the defenses have business impacts: A bot management solution that slows down traffic on the biggest shopping day of the […]

How can campaign leaders balance their desire for economies of scale with the need to deliver campaigns that resonate in local markets?

Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.

When our colleagues Claire O’Malley and Brian Kime wrote their “Point/Counterpoint: The Ethics Of COVID-19 Phishing” blog in March, it turns out they were inadvertently predicting an event that took place this week: An employee took to social media to speak out about a highly insensitive phishing simulation. Tribune Publishing Company, publisher of newspapers like […]

Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.

Cybercriminals are using the pandemic to dramatically increase phishing attacks, effectively targeting work-from-home employees. Find out how you can minimize the threat.

Security awareness testing for employees should be realistic. Yet those overseeing phishing drills should be careful when using coronavirus-related messaging.

New risks emerge around user location data that may have you rethinking your cybersecurity plan.

When looking for an AML services provider, there are three primary factors organizations need to keep in mind.

Yesterday, Broadcom announced a definitive deal to acquire the enterprise business of Symantec for $10.7 billion in cash. This deal caps weeks of speculation that Symantec was in play, initiated in May 2019 following the sudden resignation of Symantec CEO Greg Clarke in May and a downward revision to Symantec’s FY 2020 revenue guidance earlier […]

The National Institute of Standards and Technology (NIST) has not been recommending SMS OTP 2FA for a while precisely because of SMS inbox takeovers, MITM attacks, etc. From the license cost perspective, the price of moving away from SMS (to Google Authenticator, for example) is minimal. Google publishes guides on how to do this. From […]

Rain Capital is shaking up the investment side of cybersecurity. Apart from only 11% of cybersecurity professionals being women, venture capital (VC) firms also suffer from a gender disparity with limited diversity. According to TechCrunch, only 8% of partners from the top 100 venture firms were women in 2017, and eight of these top 100 […]

This weekend, The New York Times released a story detailing a sexist, toxic culture that’s been tormenting Nike employees for years. The story shares instances of sexist comments, work trips to strip clubs, sexually graphic conversations, and unwanted advances that’ve forced many women to quit over the years. But did they go to HR? Yes. […]

With the latest change to the BofA online banking bill pay service (which added all sorts of unnecessary and distracting icons and ugly fonts), the bank decided to remove the one-time password two-factor authentication (OTP 2FA) requirement to force the customer to perform a one-time password-based step-up authentication before allowing the change. Instead, by default, […]

Palo Alto Networks (PAN) today announced plans to acquire Evident.io, a predominantly API-based cloud monitoring vendor for $300 million in cash. Evident.io has a large mind share among Forrester’s end user clients and is also regularly mentioned by other cloud workload security management (CWS) vendors as a viable competitor. With PAN expanding Aperture into a […]

The most infuriating advice I’ve received about succeeding in cybersecurity is to, “Have a thick skin,” usually followed by, “Don’t take him seriously, he doesn’t even realize what he’s saying.” These are not words of wisdom—they’re a defense of predatory behavior that belittles the issues women face every day and normalizes sexual harassment. For my […]

In the light of large network security vendors (Cisco, Palo Alto, Symantec, Zscaler, etc.) acquiring or building Cloud Security Gateway (CSG, also known CASB) vendors, it comes as little to no surprise that McAfee also invested in this area. In Forrester’s estimates, SkyHigh annual revenues were around USD $40-45 million/year. Looking at similar deals, Forrester […]

Today, SAP announced it has acquired Mountain View, CA based Customer Identity and Access (CIAM) provider Gigya. Several media outlets placed the purchase price in the $350M range. Gigya has been a CIAM vendor since 2010 and raised ~$105M in venture capital, so if the purchase price is accurate, it reflects a good return for […]

Given Symantec's recent acquisiton of BlueCoat (and with it BlueCoat's earlier acquired Elastica and Perspecsys cloud security gateway (CSG) assets), and IBM's organic buildout of its Cloud Security Enforcer CSG solution it comes hardly as a surprise that Cisco today announced its intent to acquire CloudLock for US$293M (in Forrester's estimation this purchase price represents […]