Andras Cser

VP, Principal Analyst

Forrester Bio

Author Insights

Blog

Identiverse 2026 Recap: Identity Security For Agentic AI Dominates

Andras Cser 6 days ago
Last week’s Identiverse conference in Las Vegas left no doubt that the scope and importance of identity security is now magnified. Identiverse 2026 underscored the current transition in identity security as organizations grapple with an expanding universe of identities beyond humans. As Ping Identity CEO Andre Durand framed it in his opening keynote, the industry […]
Blog

Use The New Executive Order As A Canary For Enterprise PQC Migration And Procurement

Heidi Shey June 24, 2026
On June 22, 2026, the White House issued a new executive order (EO), Securing the Nation Against Advanced Cryptographic Attacks. While it has direct implications for federal agencies, there are parts that are worth paying attention to for enterprise security and risk leaders. Here’s what’s worth your attention, whether or not you hold a federal […]

Hear more from Andras Cser

Upcoming Events

Security & Risk Forum

Upcoming Webinars

Check back soon for upcoming webinars.

OnDemand Webinars

Check back soon for on-demand webinars
Blog

New Executive Order Makes PQC Migration A Multiyear Operational Program For Federal Security Leaders

Heidi Shey June 24, 2026
For a private-sector CISO, a new US executive order (EO), Securing the Nation Against Advanced Cryptographic Attacks, is an additional signal and call to action. For federal security leaders, it’s an order with your name on it. The recap on what to do is short: Inventory your cryptography, name someone to run the migration, and […]
Blog

Anthropic’s Claude Rolls Out End-User Identity Verification

Andras Cser May 4, 2026
Anthropic is now requiring select users to successfully complete a physical government-issued ID document verification (PIDV) process “for a few use cases,” although those use cases are not currently specified. Anthropic is the data controller in the process and will be using identify verification (IDV) provider Persona Identities to conduct the IDV process. IDV prompts […]
Blog

Unified Financial Crime Management Is Not Just For Small And Regional Banks

Andras Cser March 11, 2026
Fraud management and anti-money laundering (AML) solutions share common traits and requirements: Both are about risk scoring of entities (names, phone numbers, email addresses, accounts) and routing and investigating alerts and cases to AI agents and human investigators. While smaller, regional financial institutions (FIs) and insurers have always been motivated to consolidate tools and resources […]
Blog

Think Hardware Security Modules Aren’t Exciting? Think Post-Quantum Migration!

Andras Cser January 30, 2026
Hardware security modules (HSMs) are a key foundational security component of public key infrastructure. HSMs hold the crown-jewel keys for encryption and digital signatures and perform encryption and decryption operations on protected data and payment information. While HSMs have been in use for decades, they now play an oversized role in migrating to post-quantum security […]
Blog

What We Saw At AWS re:Invent 2025

Lee Sustar December 10, 2025
The goal of this year’s event was to position AWS as a newly transformed, AI-native cloud that’s ready right now. Here’s a closer look at the key announcements and developments.
Blog

UK Government Plans To Mandate Digital eID For All Legal UK Residents

Andras Cser October 16, 2025
The UK government plans to mandate an electronic digital identity scheme and credential to all legal residents and employees of the UK to prove immigration and employment eligibility status. Read our assessment of the benefits, challenges, and concerns.
Blog

Is Zero Trust Canceled? Revisiting DEF CON Research

James Plouffe September 3, 2025
Did AmberWolf’s talk at DEF CON 33 uncover any true fundamental flaws in Zero Trust? Although we think the research uncovered some significant issues, calling it a “total bust” is definitely overblown. Find out why.
Blog

Palo Alto Networks Enters The Identity Security Market With $25B Purchase Of CyberArk

Allie Mellen July 31, 2025
The third-largest cybersecurity M&A deal in history makes sense in some respects, but the track record on mega security and identity tie-ups is incomplete and unproven.
Blog

Microsoft Retires Password Management In Authenticator

Andras Cser July 30, 2025
Microsoft’s move to gradually retire password management capabilities in its Authenticator application will have three immediate effects.
Blog

AWS re:Inforce 2025 — Heavy On User Experience Enhancements, Light On The GenAI Hype

Allie Mellen June 25, 2025
This year's AWS re:Inforce event included a big announcement and revealed other security-related enhancements. Read our top takeaways.
Blog

President Trump Amends Previous Cybersecurity Executive Orders: Here Is What You Need To Know

Sandy Carielli June 12, 2025
President Trump recently issued an executive order on national cybersecurity that amended and struck several provisions in prior EOs related to cybersecurity. Here’s what security leaders need to know.
Blog

Worldcoin Orb Identity Verification Device Faces Headwinds In Mass Adoption

Andras Cser May 21, 2025
Last week, identity verification and authentication startup World (which was cofounded by OpenAI cofounder Sam Altman) announced that it is broadening operations of its Orb device in the US.
Blog

Tackling Cloud Security: US State And Local Government Edition

Andras Cser May 20, 2025
Learn some of the unique challenges that state and local governments face when it comes to cloud security and governance.
Blog

It’s Time To Start Planning Your Postquantum Migration

Sandy Carielli May 12, 2025
When will quantum computers will be able to break asymmetric cryptography and algorithms? And what steps should you take to prepare? Find out in this preview of a report on quantum security.
Blog

RSAC Conference 2025: Innovation Sandbox Turns 20

Sandy Carielli May 7, 2025
RSAC Conference 2025 featured the 20th annual Innovation Sandbox competition. Learn more about the entrants and results in this review of the event.
Blog

Tackling Cloud Security: US Federal Edition

Andras Cser May 7, 2025
Back in 2007, the first US federal CIO, Vivek Kundra, was appointed. Shortly after in December of 2010, he launched one of the world’s first “cloud-first” initiatives, making many US federal agencies such as the General Services Administration (GSA) some of the earlier innovators in this arena.
Blog

RSAC Conference 2025: Welcome To The Petting Zoo

Sandy Carielli May 6, 2025
From live goats and puppies to robot dogs and animal costumes, the RSAC Conference 2025 delivered some unexpected surprises. But it also delivered the usual insight into various trends in the security market today. Find out more in this RSAC review.
Blog

OpenAI Requires Identity Verification For Access To Its Latest Models

Andras Cser April 17, 2025
OpenAI announced that it will require organizations to complete an identity verification (IDV) process to verify their organization’s identity before being allowed to access the latest OpenAI models. Identity verification will likely require developers to digitally verify themselves using government-issued photo ID from permitted countries and prove their affiliation with their organization. Forrester expects that […]
More posts